A North Korean cyber-espionage group has targeted Russian embassy diplomats over the winter holidays with emails carrying New Year greetings in the hopes of infecting them with malware.
The attacks have been linked to a threat actor known as Konni, and have been taking place since at least December 20, cybersecurity firm Cluster25 said in a report published on Monday.
According to Cluster25, the ZIP files contained a Windows screensaver (.scr) file that, when executed, installed a screensaver with Russian holiday greetings, but also the Konni remote access trojan (RAT), the malware after which the group was named, and which granted the attacker full control over the infected systems.Trojan