A cyberespionage group with ties to North Korea has resurfaced with a stealthier variant of its remote access trojan called Konni. The group is believed to be operating under the Kimsuky umbrella. Most recent intrusions staged by the group involved targeting the Russian Federation’s Ministry of Foreign Affairs (MID) with New Year lures to compromise Windows systems. A new addition to the backdoor’s existing capabilities is the transition from Base64 encoding to AES encryption to protect its strings and for obfuscating their true purpose.”]
Source: https://thehackernews.com/2022/01/north-korean-hackers-return-with.html