Numerous countries’ foreign affairs ministries and embassies were particularly targeted by the attacks, which facilitate malware execution through RAR archive-embedded Windows LNK files and a self-extracting RAR archive with a Visual Basic Script, according to a Cisco Talos analysis. Meanwhile, intrusions against Angola were discovered to involve phishing lures delivering the SpiceRAT trojan through DLL side-loading techniques.

Source: SC Magazine