April 2025 APT Group Trends
Contents
April 2025 APT Group Trends
Trends of major APT groups by country
1) North Korea
Since November 2024, the North Korean APT group has been exploiting the vulnerability of South Korean Internet financial security software. Similar attacks have been carried out in the past, and the threat actors have been launching attacks based on their understanding of the South Korean software ecosystem.
Konni
The Konni group distributed malware composed of an LNK file and AutoIT script through a spear phishing attack that impersonated a South Korean government agency.
| Case 1. | |
| Period | From January to March 2025 |
| Target | Activists affiliated with a North Korea human rights and inter-Korean NGO |
| Initial Access | Threat actors impersonated the National Human Rights Commission and the Korean National Police Agency to send spear phishing emails to recipients, urging them to reply. They then sent a malicious file. |
| Vulnerability | N/A |
| Malware and …
Trends of major APT groups by country
1) North Korea
Since November 2024, the North Korean APT group has been exploiting the vulnerability of South Korean Internet financial security software. Similar attacks have been carried out in the past, and the threat actors have been launching attacks based on their understanding of the South Korean software ecosystem.
Konni
The Konni group distributed malware composed of an LNK file and AutoIT script through a spear phishing attack that impersonated a South Korean government agency.
| Case 1. | |
| Period | From January to March 2025 |
| Target | Activists affiliated with a North Korea human rights and inter-Korean NGO |
| Initial Access | Threat actors impersonated the National Human Rights Commission and the Korean National Police Agency to send spear phishing emails to recipients, urging them to reply. They then sent a malicious file. |
| Vulnerability | N/A |
| Malware and …