Tag: Russian Government Software

Russian Government Software Backdoored to Deploy Konni RAT Malware
News

Russian Government Software Backdoored to Deploy Konni RAT Malware

A backdoor has been included in an installer for a utility that is probably used by the Ministry of Foreign Affairs (MID)'s Russian Consular Department to distribute the remote access trojan Konni RAT (also known as UpDog). The investigation was conducted by German cybersecurity firm DCSO, which concluded that actors with ties to the Democratic People's Republic of Korea (DPRK) were behind the action, which was directed towards Russia. The Konni activity cluster, also known as Opal Sleet, Osmium, or TA406, has a documented history of using Konni RAT against Russian organizations. Since October 2021, at least, the threat actor has also been connected to assaults on MID. In November 2023, Fortinet FortiGuard Labs made public the use of Microsoft Word documents written in Russian as...