The group behind the sophisticated malware known as StrongPity (a.k.a. Promethium) has mounted a fresh spyware campaign that is still ongoing as of July 2019. The group is using malicious versions of WinRAR and other legitimate software packages to infect targets, likely via watering-hole attacks. The new malware, which is now targeting users located in Turkey, is similar to the group s hallmark malware code, according to the research. The malware is built to locate sensitive documents while establishing a persistent backdoor for remote access.
Source: https://threatpost.com/strongpity-apt-retooled-spyware/146503/

