Remote Access Trojan
Konni
First seen: 2014-01 • Status: active
Currently Active Threat
Konni is a North Korean hacking tool used to spy on South Korean diplomats and government officials.
Overview
Konni is a RAT associated with North Korean threat actors. It targets South Korean and international diplomatic entities.
Also Known As
KONNI RAT
How It Spreads
- • Spear-phishing
- • Malicious documents
What It Does
- • Espionage
- • Keylogging
- • File theft
- • Screenshot capture
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for Korean targeting indicators
MITRE ATT&CK Techniques
T1566, T1056, T1113
If You're Infected
- 1.
Engage diplomatic security
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required