VERY IMPORTANT

FortiGuard Labs has discovered yet another COVID themed lure designed to compel unsuspecting victims to click on what appears at first be an innocuous link. However, unbeknownst to the target, the link leads to a zip file that contains malicious attachments. This blog will highlight the steps taken by an unnamed threat actor targeting the security interests of a former Eastern bloc nation. Spearphishing emails were sent to various security arms of the Ukrainian government utilizing social engineering lures containing subjects such as: “New COVID-21 Variant” and “An Urgent Computer Update”. The Saint Bot Downloader has been observed downloading infostealers and other downloaders.