Cluster25 analyzed a recent attack linked to the North Korean APT group “Konni” targeting Russian diplomatic sector using a spear phishing theme for New Year’s Eve festivities as lure.
Once the malicious email attachment is opened and executed, a chain composed by multiple stages is triggered, allowing actor to install an implant belonging to the Konni RAT family as final payload….