Microsoft said the Actinium threat group (also known as Gamaredon) has been observed targeting government, military and law enforcement organizations in Ukraine with spear-phishing emails.
SEO-friendly websites promising Zoom or TeamViewer application installations are actually attacker-owned and deploy malware.
The source code's release on GitHub could mean future attacks on IoT devices and routers, researchers warn.
Timo Steffens, private security researcher and author of Attribution of Advanced Persistent Threats, discusses some of the top roadblocks that researchers face during attribution.
Researchers have been tracking the malware packer since 2020 in dozens of campaigns that have impacted hundreds of victims.