Check Point Research is tracking an active phishing campaign involving KONNI, a North Korea-affiliated threat actor active since at least 2014. Historically, KONNI focused on South Korean diplomatic, academic, and government-linked targets, using geopolitical themes as phishing lures. This latest activity marks a clear shift. In the current campaign, KONNI targets software developers and engineering teams, particularly those involved in blockchain and cryptocurrency projects. The lures are designed to resemble legitimate project documentation, indicating an effort to compromise individuals with access to valuable technical infrastructure rather than traditional political targets. The campaign stands out for two reasons: its expanded geographic […]
The post AI-Powered North Korean Konni Malware Targets Developers appeared first on Check Point Blog.
Read the original article: