puNK-003 is a threat actor attributed to KP. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does puNK-003 exploit?

Specific CVE exploitation data for puNK-003 is being tracked. Check the Strobes VI threat actor profile for updates.

puNK-003

Exploited CVEs

Overview

puNK-003 is a North Korean APT group known for deploying the Lilith RAT, a sophisticated C++ remote access trojan, and its AutoIt variant, CURKON, which functions as a downloader. The group primarily distributes malware through targeted phishing attacks using malicious LNK files. Analysis indicates that puNK-003 shares similarities with the KONNI group, particularly in the use of AutoIt scripts and specific coding functions. Key indicators of infection include unusual network activity and system slowdowns, with removal methods involving specialized antivirus software and manual techniques.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database