North Korea-Linked Konni APT Group – Active IOCs
Severity
High
Analysis Summary
The Konni APT (Advanced Persistent Threat) group has been active as a cyber espionage group since at least 2014. It is believed to be based in North Korea and is known for targeting government agencies and organizations in South Korea and the United States.
The North Korean hacker group distributes Konni RAT via phishing messages or emails. The infection chain begins when the victim accesses a weaponized file. Adversaries employ Konni RAT to gather information from victims, capture screenshots, steal files, and build a remote interactive shell. KONNI has been linked to various alleged North Korean attacks targeting political groups in Russia, East Asia, Europe, and the Middle East. KONNI …
IoC