North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim's KakaoTalk desktop application to distribute malicious payloads to certain contacts. The activity has been attributed by South Korean threat intelligence firm Genians to a hacking group referred to as Konni. "Initial access was achieved through a spear-phishing email disguised as a
![]()
source https://thehackernews.com/2026/03/konni-deploys-endrat-through-spear.html
source https://thehackernews.com/2026/03/konni-deploys-endrat-through-spear.html