The attack targeting governments and financial firms worldwide. Netskope Threat Research Labs detected the targeted based on its 42 customers instances and likely the attacks to be launched by the infamous hacking group Cobalt Strike. The attack is more convincing than the traditional attacks and these attacks carried out by abusing the GCP URL redirection in PDF decoys and redirecting to the malicious URL hosting the malicious payload. Researchers call it a Squiblydoo technique. The word document Doc102018.doc downloaded form https://transef[.]biz/fr.txt.”]
Source: https://gbhackers.com/cloud-computing-platform-malware/