A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines. The attack leveraged the infamous “Royal Road” Rich Text Format (RTF) weaponizer to deliver a previously undocumented Windows backdoor dubbed “PortDoor” The attack targeted a general director working at the Rubin Design Bureau, a defense contractor in Russia’s naval arm of the Russian Armed Forces. Rubin Design Bureau is a submarine design center located in Saint Petersburg, accounting for the design of over 85% of submarines.
Source: https://thehackernews.com/2021/05/new-chinese-malware-targeted-russias.html