CHTHONIC and DIMNIE Campaign Targets Russia
released on 2017-08-04 @ 10:36:18 PM
A targeted phishing campaign was active in early August 2017 delivering "Подписать документы.doc" (translates to "Sign Documents.doc"), an MS Word document with an embedded macro responsible for dropping both the CHTHONIC banking trojan and the DIMNIE spyware onto an infected machine. CHTHONIC was discovered in 2014 by Kaspersky security researchers and is considered to be an evolution of the ZeusVM malware. DIMNIE is a modular information stealer profiled earlier this year by security researchers at Palo Alto Networks' Unit 42, who found the malware in targeted phishing attacks against open-source developers.