This APT group was detected targeting the Russian diplomatic sector in January 2022, employing a spear phishing theme for New Year's Eve festivities as bait. The North Korean hacker group distributes Konni RAT via phishing messages or emails. KONNI has been linked to various alleged North Korean attacks targeting political groups in Russia, East Asia, Europe, and the Middle East. It is believed to be based in North Korea and is known for targeting government agencies and organizations in South Korea and the United States.