North Korean cyberespionage group Konni has been linked to a series of targeted attacks aimed at the Russian Federation’s Ministry of Foreign Affairs. The Konni group’s tactics, techniques, and procedures (TTPs) are known to overlap with threat actors belonging to the broader Kimsuky umbrella. The most recent attacks involved the actor gaining access to the target networks through stolen credentials. The timing of this activity closely aligned with the passage of Russian Vaccine Passport laws that mandated Russians had to receive a QR code from the government to prove vaccination in order to access public places.”]
Source: https://thehackernews.com/2022/01/north-korean-hackers-start-new-year.html