New variant of Konni RAT used in a campaign that targeted Russia


Security researchers at Malwarebytes Labs have uncovered an ongoing malware campaign that is mainly targeting Russia with the Konni RAT.

The KONNI RAT was first spotted by Cisco Talos researchers in 2017, it has been undetected since 2014 and was employed in highly targeted attacks. The RAT was able to avoid detection due to continuous evolution, it is able of executing arbitrary code on the target systems and stealing data.

The Konni RAT has been attributed to North Korea-linked threat actors tracked as Thallium and APT37.

Read more…