Microsoft Threat Intelligence Center (MSTIC) said last week that the Russian-backed hacking group APT29, also known as Nobelium, used four new families of malware in its recent phishing attacks, embodying the U.S. Agency for International Development (USAID).
The group also sent phishing emails to 3,000 email accounts and more than 150 organizations, some of which include government agencies and organizations dedicated to international development, humanitarian and human rights work.
According to Microsoft in a second blog post on May 28, the four new malware families include an HTML attachment called “EnvyScout,” a loader known as “NativeZone,” and finally a shellcode downloader and launcher known as “VaporRage.”
For more information, read the original story in Bleeping Computer.