Genians Security Center uncovers โOperation Poseidon,โ an advanced campaign by the Konni APT group exploiting trusted ad infrastructure to deliver malware. This tactic emphasizes the evolving sophistication of nation-state cyber threats targeting South Korean sectors. #Konni #OperationPoseidon
Keypoints
- The Konni APT group is behind the highly targeted Operation Poseidon campaign.
- Attackers used legitimate ad-redirection URLs from platforms like Google and Naver to mask malicious activity.
- The campaign exploited open redirects to deceive security filters and deliver malware via compromised WordPress sites.
- Social engineering tactics included impersonation of North Korean human rights groups and South Korean financial institutions.
- The campaign used sophisticated techniques such as HTML-based content padding to bypass AI detection systems.
Read More: https://securityonline.info/operation-poseidon-konni-apt-hijacks-google-naver-ads-for-malware/