APT37 employs Konni malware to target high-level organizations
APT37 employs Konni malware to target high-level organizations
Threat Level
Actor Report
For a detailed advisory, download the pdf file here
Summary
The Konni remote access trojan, which is widely used malware by the APT37, is used in the attack campaign to take advantage of high-value targets from countries like the Czech Republic, Poland, and many others. The malware includes a built-in functionality to maintain persistence and privilege escalation on the target system.