This Konni crew is catching attention for specifically going after Russia. They’ve got a knack for sending spear-phishing emails and slipping in malicious documents to get to the juicy stuff on your computer. Past attacks even used a vulnerability in WinRAR (CVE-2023-38831), showing that Konni means business when it comes to data heists and espionage.
And this isn’t their first rodeo—North Korean hackers have a track record of going after Russian firms. Last summer, two separate gangs—ScarCruft and Lazarus Group—set their sights on NPO Mashinostroyenia, a crucial Russian missile engineering company. ScarCruft managed to infiltrate some sensitive internal IT stuff, while Lazarus went for a Windows backdoor called OpenCarrot. The digital drama continues.
