The attackers sent phishing emails containing a malicious Microsoft Word document, which installed multiple Backdoors on targeted systems. The group likely used that access to conduct espionage.
- Manufacturers of military products and military contractors in Afghanistan and Eastern Europe
Suspected state sponsor
Type of incident