Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

State-sponsored remote wipe tactics targeting android devices

(Kakao Corp)

By Genians Security Center

The Genians Security Center (GSC) has identified new attack activity linked to the KONNI APT campaign, which is known to be associated with the Kimsuky or APT37 groups.

During its ongoing investigation into KONNI’s operations, GSC discovered that malicious files disguised as “stress-relief programs” were being widely distributed through South Korea’s KakaoTalk messenger platform.

KONNI has overlapping targets and infrastructure with Kimsuky and APT37, leading some researchers to classify them as the same group. All three are recognized as state-sponsored threat actors operating under the direction of the North Korean regime.

Read more at Genians

Click to listen highlighted text!