Remote access Trojans in the KONNI and DOGCALL families are the work of the same operator, Palo Alto Network’s Unit 42 says. The latest attacks using this RAT began in July and relied on malicious Microsoft Word documents to lure victims into deploying the malware. The researchers also noticed a malware dropper that has not been reported before, which they called Final1stspy. It can take screenshots, log keystrokes, exfiltrate files, download other payloads or capture audio through the computer’s microphone.
Source: https://www.bleepingcomputer.com/news/security/report-ties-north-korean-attacks-to-new-malware-linked-by-word-macros/