HOMETHREATSFK Undead
APT / THREAT GROUP

FK Undead

Internal ID: FK_Undead
3
aliases
Last seen:Mar 17, 2026

Intelligence Profile

This malware family is mainly spread through various private server clients in bundles, and mainly tamper with user system network data packets through technical means such as TDI filtering, DNS hijacking, HTTP(s) injection, and HOSTS redirection, hijacking normal web page access to designated private server websites, and using security software cloud detection and killing data packet shielding, shutdown callback rewriting and other means to achieve counter-detection.

Threat Analysis

FK Undead is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases3

Also Known As

FK_Undeadwin.fk_undeadUndead

External Intelligence

Malpedia: win.fk_undead

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.