Hacked Microsoft Word Documents Exploited to Deceive Windows Users

The scoop is that North Korean hackers are apparently trying to snag some sensitive info from Russian targets, and they’re doing it with those tricky Microsoft Word documents. Fortinet researcher Cara Lin spilled the beans on a group called Konni (or maybe Kimsuky, AKA APT43), who are using a Russian-language Microsoft Word document loaded with sneaky macro-delivered malware.

This sly script does a bunch of things: it kicks off a batch script to snoop around the system, then it waltzes past the User Account Control (UAC) settings, and finally drops an info-stealing DLL into the mix. It’s like a digital heist in action.
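
One way a defender could look for that chain in process and file telemetry, as an added example that is not from the Fortinet research or the original article: it flags a batch script started under Word, a descendant running at a higher integrity level than Word (a sign of a UAC bypass), and a DLL written by any descendant. The event layout, file names and PIDs are constructed for illustration; the field names loosely follow Sysmon's process-creation and file-creation records.

```python
# Constructed sample events in time order (all values are made up for this example).
EVENTS = [
    {"type": "proc", "pid": 100, "ppid": 1, "image": "explorer.exe",
     "cmd": "explorer.exe", "integrity": "Medium"},
    {"type": "proc", "pid": 200, "ppid": 100, "image": "WINWORD.EXE",
     "cmd": "WINWORD.EXE sample.doc", "integrity": "Medium"},
    {"type": "proc", "pid": 300, "ppid": 200, "image": "cmd.exe",
     "cmd": "cmd.exe /c stage.bat", "integrity": "Medium"},
    {"type": "proc", "pid": 400, "ppid": 300, "image": "helper.exe",
     "cmd": "helper.exe", "integrity": "High"},
    {"type": "file", "pid": 400, "target": "C:\\Users\\Public\\example.dll"},
    # Benign control: a batch job started from the desktop, not from Word.
    {"type": "proc", "pid": 500, "ppid": 100, "image": "cmd.exe",
     "cmd": "cmd.exe /c backup.bat", "integrity": "Medium"},
]

SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe"}
LEVELS = {"Low": 0, "Medium": 1, "High": 2, "System": 3}


def office_descendant_alerts(events, office_images=("winword.exe",)):
    """Return (stage, pid) alerts for activity descending from an Office process.

    Assumes events arrive in time order and that PIDs are not reused
    within the window being analysed.
    """
    tainted = {}  # pid -> integrity level of the Office ancestor
    alerts = []
    for ev in events:
        if ev["type"] == "proc":
            image = ev["image"].lower()
            level = LEVELS[ev["integrity"]]
            if image in office_images:
                tainted[ev["pid"]] = level
                continue
            if ev["ppid"] not in tainted:
                continue
            base = tainted[ev["ppid"]]
            tainted[ev["pid"]] = base  # descendants inherit the Office baseline
            if image in SCRIPT_HOSTS and ".bat" in ev["cmd"].lower():
                alerts.append(("batch-from-office", ev["pid"]))
            if level > base:  # child runs with more privilege than Word did
                alerts.append(("integrity-jump", ev["pid"]))
        elif ev["type"] == "file" and ev["pid"] in tainted:
            if ev["target"].lower().endswith(".dll"):
                alerts.append(("dll-written", ev["pid"]))
    return alerts
```

On the constructed events the function reports all three stages in order and ignores the batch job that was not started from Word.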