image credit: pixabay
Active since at least 2014 but remaining unnoticed for over three years, KONNI has been used in highly targeted attacks only, including ones aimed at the United Nations, UNICEF, and entities linked to North Korea. Security researchers also identified a link between KONNI and DarkHotel.
Once installed on a victim’s computer, the threat can exfiltrate large amounts of information, log keystrokes, take screenshots, steal clipboard content and data from browsers such as Chrome, Firefox, and Opera, and execute arbitrary code.
Comments are closed.
