McAfee Advanced Threat Research analysts have spotted new malicious techniques used by the APT28 threat group.
The attack starts with a malicious document that leverages the Microsoft Office Dynamic Data Exchange (DDE) feature together with PowerShell, allowing an attacker to execute arbitrary code on a victim’s system.
According to the McAfee report, APT28 has adopted a new lure theme that capitalizes on the recent terrorist attack in New York City.
Once the victim opens the attachment, the document reaches out to a control server, which is used to drop the Seduploader malware and infect the system.