Gamaredon threat group has added a new Visual Basic for Applications (VBA) macro to its post-compromise toolset. The VBA macro leverages compromised victims Microsoft Outlook email accounts to send spear-phishing emails to their contacts. Researchers say this is the first publicly documented case of an attack group using both an Outlook macro and an OTM file to do so. The advanced persistent threat group (APT) is responsible for a number of high-profile attacks, including recent attacks on Ukrainian national security targets.
Source: https://threatpost.com/microsoft-outlook-users-targeted-by-gamaredons-new-vba-macro/156484/