North Korean APT Hackers Target Ukrainian Government Agencies to Steal Login Credentials
gbhackers
North Korean Advanced Persistent Threat (APT) hackers, specifically the Konni group, have shifted their focus to Ukrainian government agencies in a targeted phishing campaign aimed at stealing login credentials and distributing malware.
This attack, observed in February 2025, marks a notable divergence from the group’s traditional targets and raises questions about potential strategic alliances with Russia, especially following North Korea’s reported troop deployment to support Russia in late 2024.
The operation is believed to be part of a broader effort to gather critical intelligence, possibly to assess risks to their forces or to fulfill requests for additional support in the ongoing conflict.
Konni Group Launches Phishing Campaign
The Konni group’s modus operandi in this campaign is both deceptive and technically adept.
Attackers initiated the operation by sending phishing emails disguised as Microsoft security alerts, leveraging a Proton Mail account to enhance the ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE