The North Korea-associated threat group recognized as Konni APT has been linked to a phishing initiative aimed at governmental organizations in Ukraine, demonstrating the group’s focus extending beyond Russia.

Enterprise security company Proofpoint stated that the ultimate aim of this campaign is to gather information on the “direction of the Russian offensive.”

“The group’s focus on Ukraine is consistent with its previous targeting patterns.”