Common Information
| Type | Value |
|---|---|
| Value |
Vedalia |
| Category | Actor |
| Type | Threat-Actor |
| Misp Type | Cluster |
| Description | Konni is a threat actor associated with APT37, a North Korean cyber crime group. They have been active since 2012 and are known for their cyber-espionage activities. Konni has targeted various sectors, including education, government, business organizations, and the cryptocurrency industry. They have exploited vulnerabilities such as CVE-2023-38831 and have used malware like KonniRAT to gain control of victim hosts and steal important information. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2023-02-14 | 5 | RedEyes hackers use new malware to steal data from Windows, phones | ||
| Details | Website | 2023-02-02 | 60 | 북 해킹 조직, 공정거래위원회 사칭 피싱 공격 진행중! | ||
| Details | Website | 2023-01-31 | 0 | ESET APT Activity Report T3 2022 | WeLiveSecurity | ||
| Details | Website | 2022-12-31 | 1 | 2022年度总结 | ||
| Details | Website | 2022-12-21 | 4 | PolySwarm 2022 Recap - Threat Actor Activity Highlights: North Korea | ||
| Details | Website | 2022-12-16 | 4 | The DPRK delicate sound of cyber | ||
| Details | Website | 2022-12-07 | 10 | 오퍼레이션 이블플레인(Operation EvilPlane) : 국내 이용자의 개인정보가 담긴 파일을 이용한 APT 공격 | ||
| Details | Website | 2022-12-04 | 3 | North Korean APT37 Unleashes Dolphin Backdoor on South Korea | ||
| Details | Website | 2022-11-23 | 3 | ESET launches report highlighting activities of Russia, North Korea, Iran and China-aligned threat actors | TahawulTech.com | ||
| Details | Website | 2022-09-23 | 2 | Fortinet Blog - Broad, Integrated, Automated Cybersecurity | ||
| Details | Website | 2022-09-22 | 3 | vx-underground | ||
| Details | Website | 2022-08-30 | 146 | North Korea is the Threat | ||
| Details | Website | 2022-08-03 | 27 | Woody RAT: A new feature-rich malware spotted in the wild | ||
| Details | Website | 2022-08-02 | 57 | Anomali Cyber Watch: Velvet Chollima Steals Emails from Browsers, Austrian Mercenary Leverages Zero-Days, China-Sponsored Group Uses CosmicStrand UEFI Firmware Rootkit, and More | ||
| Details | Website | 2022-07-28 | 5 | APT trends report Q2 2022 | ||
| Details | Website | 2022-07-24 | 2 | Weekly News Roundup — July 17 to July 23 | ||
| Details | Website | 2022-07-20 | 120 | Securonix Threat Labs Initial Coverage Advisory: STIFF#BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni/APT37 (North Korea) | ||
| Details | Website | 2022-04-27 | 18 | APT trends report Q1 2022 | ||
| Details | Website | 2022-01-05 | 35 | New Konni Campaign Kicks Off the New Year by Targeting Russian Ministry of Foreign Affairs - Lumen | ||
| Details | Website | 2022-01-03 | 0 | North Korean Group “KONNI” Targets the Russian Diplomatic Sector with new Versions of Malware Implants - Cluster25 | ||
| Details | Website | 2021-11-18 | 0 | Triple Threat: North Korea-Aligned TA406 Scams, Spies, and Steals | Proofpoint US | ||
| Details | Website | 2021-08-20 | 43 | New variant of Konni malware used in campaign targetting Russia | ||
| Details | Website | 2021-08-08 | 18 | The Lazarus Heist: Where Are They Now? | ||
| Details | Website | 2021-02-01 | 38 | 탈륨 조직, 북한경제분야 활동 러시아 연구원 상대로 정교한 사이버 공격 수행 | ||
| Details | Website | 2021-02-01 | 43 | Konni APT 组织以朝鲜疫情物资话题为诱饵的攻击活动分析-安全客 - 安全资讯平台 |