Prime Minister’s Office Compromised: Details of Recent Espionage Campaign
released on 2022-01-25 @ 05:22:30 PM
A multi-stage espionage campaign has been identified that targets high-ranking government officials overseeing national security policy, as well as individuals in the defense industry, in Western Asia. The infection chain starts with the execution of an Excel downloader, most likely sent to the victim via email, which exploits an MSHTML remote code execution vulnerability (CVE-2021-40444) to run a malicious executable in memory.