Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
Foto: The Hacker News
North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim's KakaoTalk desktop application to distribute malicious payloads to certain contacts. The activity has been attributed by South Korean threat intelligence firm Genians to a hacking group referred to as Konni. "Initial access was achieved through a spear-phishing email disguised as a
North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim's KakaoTalk desktop application to distribute malicious payloads to certain contacts. The activity has been attributed by South Korean threat intelligence firm Genians to a hacking group referred to as Konni. "Initial access was achieved through a spear-phishing email disguised as a
More from Security
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
Related Articles
How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
Apr 6
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Apr 6
BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
Apr 6