2019-06-10 16:34:25 +08:00
|
|
|
# Konni
|
2019-06-10 16:30:59 +08:00
|
|
|
https://twitter.com/blackorbird
|
|
|
|
|
|
2019-06-10 16:34:09 +08:00
|
|
|
## relate to Kimsuky
|
2019-06-10 16:30:59 +08:00
|
|
|
|
|
|
|
|
APT Campaign 'Konni' & 'Kimsuky' find commonality in organizations
|
2019-06-10 16:34:09 +08:00
|
|
|
|
2019-06-10 16:30:59 +08:00
|
|
|
https://blog.alyac.co.kr/2347
|
|
|
|
|
|
2019-09-23 10:07:05 +08:00
|
|
|
Operation Moneyholic With HWP Document
|
|
|
|
|
https://asec.ahnlab.com/1251
|
|
|
|
|
|
2019-09-27 10:10:37 +08:00
|
|
|
Konni's APT Group conducts attacks with Russian-North Korean trade and economic investment documents
|
|
|
|
|
https://blog.alyac.co.kr/2535
|
2019-06-10 16:30:59 +08:00
|
|
|
|
2019-06-10 16:34:09 +08:00
|
|
|
## relate to darkhotel
|
2019-06-10 16:30:59 +08:00
|
|
|
|
|
|
|
|
KONNI: A Malware Under The Radar For Years
|
2019-06-10 16:34:09 +08:00
|
|
|
|
2019-06-10 16:30:59 +08:00
|
|
|
https://blog.talosintelligence.com/2017/05/konni-malware-under-radar-for-years.html
|
2019-06-10 16:34:09 +08:00
|
|
|
|
2019-06-10 16:41:25 +08:00
|
|
|
## relate to syscon and darkhotel
|
|
|
|
|
|
2019-06-10 16:30:59 +08:00
|
|
|
https://s.tencent.com/research/report/552.html
|
|
|
|
|
|
2019-06-10 16:41:25 +08:00
|
|
|
## relate to syscon
|
|
|
|
|
|
|
|
|
|
McAfee Uncovers Operation Honeybee, a Malicious Document Campaign Targeting Humanitarian Aid Groups
|
|
|
|
|
|
|
|
|
|
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-uncovers-operation-honeybee-malicious-document-campaign-targeting-humanitarian-aid-groups/
|
|
|
|
|
|
2019-06-10 16:34:09 +08:00
|
|
|
## relate to group123
|
2019-06-10 16:30:59 +08:00
|
|
|
|
|
|
|
|
ScarCruft continues to evolve, introduces Bluetooth harvester
|
2019-06-10 16:34:09 +08:00
|
|
|
|
2019-06-10 16:30:59 +08:00
|
|
|
https://securelist.com/scarcruft-continues-to-evolve-introduces-bluetooth-harvester/90729/
|
2019-06-10 16:34:09 +08:00
|
|
|
|
2019-06-10 16:37:58 +08:00
|
|
|
## relate to Carrotbat
|
|
|
|
|
|
|
|
|
|
The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
|
|
|
|
|
|
|
|
|
|
https://unit42.paloaltonetworks.com/unit42-the-fractured-block-campaign-carrotbat-malware-used-to-deliver-malware-targeting-southeast-asia/
|
|
|
|
|
|
|
|
|
|
## relate to Amadey
|
|
|
|
|
Korean Kusa Konni Organization, Blue Sky Utilizing 'Amadey' Russia Botnet
|
|
|
|
|
|
|
|
|
|
https://blog.alyac.co.kr/2308
|
|
|
|
|
|
2019-06-10 16:45:32 +08:00
|
|
|
## relate to babyface rat
|
|
|
|
|
|
|
|
|
|
The Konni APT Campaign and 'Operation Hunter Adonis'
|
|
|
|
|
|
|
|
|
|
https://blog.alyac.co.kr/2061
|
|
|
|
|
|
2019-06-10 16:37:58 +08:00
|
|
|
|
2019-06-10 16:34:09 +08:00
|
|
|
## relate to Nokki
|
|
|
|
|
|
|
|
|
|
New KONNI Malware attacking Eurasia and Southeast Asia
|
|
|
|
|
|
|
|
|
|
https://unit42.paloaltonetworks.com/unit42-new-konni-malware-attacking-eurasia-southeast-asia/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Nokki relate to group123
|
|
|
|
|
|
|
|
|
|
NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
|
|
|
|
|
|
|
|
|
|
https://unit42.paloaltonetworks.com/unit42-nokki-almost-ties-the-knot-with-dogcall-reaper-group-uses-new-malware-to-deploy-rat/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
