Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
23 November 2023
A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive information from compromised Windows hosts.
The activity has been attributed to a threat actor called Konni, which is assessed to share overlaps with a North Korean cluster tracked as Kimsuky (aka APT43).
"This campaign relies on a remote access trojan