Central Asian government organizations have been compromised with the new DownEx malware as part of an active advanced cyberespionage campaign potentially linked to Russian state-sponsored threat actors, according to The Hacker News. Attackers have leveraged spear-phishing emails with diplomat-themed lures that contain a Microsoft Word file-spoofing loader executable, which then prompts the extraction of a decoy file and a malicious HTML application tasked with next-stage payload retrieval, a report from Bitdefender revealed.
Read full article on SC Magazine