Alias Description | Votes |
---|---|
Kimsuky is a possible alias for KONNI. Kimsuky is a threat actor group linked to North Korea, known for its malicious cyber activities with a particular focus on espionage. The group has been observed employing a variety of sophisticated tactics and techniques, including the use of malware such as TOGREASE, GREASE, and RandomQuery, which | 3 |
Ta406 is a possible alias for KONNI. TA406, also known as the Konni Group or Kimsuky, is a state-sponsored cybercrime organization based in North Korea. This threat actor has been implicated in numerous cyber espionage activities, targeting entities such as news media organizations, academic institutions, and think tanks. The group gai | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Amadey Malware is associated with KONNI. Amadey is a malicious software (malware) that has been known since 2018 and is notorious for stealing credentials from popular browsers and various Virtual Network Computing (VNC) systems. The malware, which is often sold in underground forums, uses sophisticated techniques to infect systems, includ | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The APT37 Threat Actor is associated with KONNI. APT37, also known as RedAnt, RedEyes, ScarCruft, and Group123, is a threat actor suspected to be backed by North Korea. It has been active since at least 2012, primarily targeting South Korea across various industry verticals such as chemicals, electronics, manufacturing, aerospace, automotive, and | Unspecified | 4 |
The Sandworm Threat Actor is associated with KONNI. Sandworm, a threat actor linked to Russia, has been identified as the primary cyber attack unit supporting Russian military activities in Ukraine. This group is notorious for its sophisticated and disruptive cyber attacks, including the compromise of 11 Ukrainian telecommunications providers which c | Unspecified | 3 |
The Konni Group Threat Actor is associated with KONNI. The Konni Group, also known as TA406, is a threat actor believed to be associated with North Korean cyberespionage activities. According to cybersecurity firm DuskRise, the group has been involved in sophisticated cyberattacks, including one where they compromised a foreign ministry email account to | Unspecified | 2 |
The APT29 Threat Actor is associated with KONNI. APT29, also known as Midnight Blizzard and linked to Russia's Foreign Intelligence Service (SVR), is a notorious threat actor that has been implicated in several high-profile cyberattacks. The group has demonstrated sophisticated capabilities, exploiting vulnerabilities such as the WinRAR 0day flaw | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The CVE-2023-38831 Vulnerability is associated with KONNI. CVE-2023-38831 is a critical vulnerability identified in the WinRAR software, with a CVSS score of 7.8, indicating high severity. This flaw in software design or implementation has been exploited to disseminate the LONEPAGE malware through ZIP files using an exploit known as UAC-0099. The vulnerabil | Unspecified | 3 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
BankInfoSecurity | 3 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 7 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 10 months ago | ||
InfoSecurity-magazine | 10 months ago |