VERY IMPORTANT

A phishing campaign was uncovered that entices users to download a malicious Java downloader to spread new VCURMS and STRRAT remote access trojans. The attackers stored malware on public services and used a commercial protector to avoid detection. The receiving endpoint uses Proton Mail for command and control via email.