Opal Sleet  (Back to overview)

aka: Konni, OSMIUM

Konni is a threat actor associated with APT37, a North Korean cyber crime group. They have been active since 2012 and are known for their cyber-espionage activities. Konni has targeted various sectors, including education, government, business organizations, and the cryptocurrency industry. They have exploited vulnerabilities such as CVE-2023-38831 and have used malware like KonniRAT to gain control of victim hosts and steal important information.

Associated Families

There are currently no families associated with this actor.

The New APT Group DarkCasino and the Global Surge in WinRAR 0-Day Exploits
Cobalt Strike Konni DarkCasino Opal Sleet
2023-09-13Seebug PaperNan, XWS
Analysis of the recent offensive operations conducted by North Korean APT groups
Opal Sleet
2022-10-04Rewterz Information SecurityRewterz Information Security
Rewterz Threat Alert – KONNI APT Group – Active IOCs
Konni Opal Sleet
2022-07-20Securonix Threat LabsD. Iuzvyk, O. Kolesnikov, T. Peck
STIFF#BIZON Detection Using Securonix – New Attack Campaign Observed Possibly Linked to Konni/APT37 (North Korea) - Securonix
Konni Opal Sleet

Credits: MISP Project