Icefog is a cyber-espionage campaign that has been active at least since 2011. Kaspersky Lab is in contact with the targeted organizations as well as government entities in order to help them identify and eradicate the infections. The name Icefog comes from a string used in the command-and-control server (C&C) name of one of the malware samples we analyzed. The attackers embed exploits for several known vulnerabilities into Microsoft Word and Excel documents.”]
Source: https://securelist.com/the-icefog-apt-frequently-asked-questions/57892/