APT37 employs Konni malware to target high-level organizations

Threat Level

Actor Report

For a detailed advisory, download the pdf file here

Summary

The Konni remote access trojan, which is widely used malware by the APT37, is used in the attack campaign to take advantage of high-value targets from countries like the Czech Republic, Poland, and many others. The malware includes a built-in functionality to maintain persistence and privilege escalation on the target system.