Cyberespionage operation XDSpy has launched phishing attacks aimed at compromising organizations in Russia and Moldova with the DSDownloader malware, according to The Hacker News. Attackers — who were first discovered by Belarus’ Computer Emergency Response Team and subsequently associated by ESET with infostealer attacks against Eastern European government agencies since 2011 — leveraged agreement-spoofing phishing emails to deliver a RAR archive with a malicious DLL, which would execute DSDownloader, a report from Russian Group-IB spinoff F.A.C.C.T.

Source: SC Magazine