North Korea-linked hackers known as Konni have launched new attacks on Android and Windows devices, involving sophisticated malware and remote device management. These campaigns include impersonation tactics, data exfiltration, and device wiping using legitimate Google services, indicating a high level of operational sophistication. #Konni #LilithRAT
Keypoints
- Konni hackers targeted Android and Windows devices with malware and remote control tactics.
- The attack chain involved spear-phishing emails impersonating legitimate organizations like the National Tax Service.
- Malware used includes Lilith RAT, EndRAT, and AutoIt scripts to enable long-term covert system control.
- The hackers exploited Google’s Find Hub to remotely reset and delete personal data on compromised mobile devices.
- The threat actors demonstrated targeting of Korea-focused operations with tailored malware and command capabilities.
Read More: https://thehackernews.com/2025/11/konni-hackers-turn-googles-find-hub.html