Russian Government Software Backdoored to Deploy Konni RAT Malware

An installer for a utility that is probably used by the Consular Department of the Russian Ministry of Foreign Affairs (MID) has been backdoored to deliver the remote access trojan Konni RAT (also known as UpDog).

German cybersecurity firm DCSO investigated the incident and concluded that actors with ties to the Democratic People’s Republic of Korea (DPRK) were behind the operation, which targeted Russia.

The Konni activity cluster, also known as Opal Sleet, Osmium, or TA406, has a documented history of using Konni RAT against Russian organizations. Since at least October 2021, the threat actor has also been connected to attacks on MID.

In November 2023, Fortinet FortiGuard Labs disclosed the use of Russian-language Microsoft Word documents as a vehicle for malware that can infect Windows computers.
