Pawn Storm Actors' Non-Sophisticated Attack Methods
released on 2020-12-18 @ 06:05:10 PM
"In 2020 Pawn Storm spread simple Google Drive and IMAP Remote Access Trojans (RATs) to attack their usual targets, such as ministries of foreign affairs, embassies, the defense industry and the military. The RATs were also sent to a wider net of targets including various industries around the world. The group also performed widespread brute force attacks to steal credentials such as those of corporate email accounts, as evidenced by network probes we attribute to Pawn Storm and the loose way the actor abused compromised email accounts in malware and in sending spear-phishing emails. Pawn Storm even hardcoded compromised military and government-related email addresses in their IMAP RAT malware to communicate with victims’ computers. Recently, Norwegian authorities announced that Pawn Storm hacked the Norwegian parliament through brute force attacks."