The China-based APT known as CactusPete has returned with a new campaign aimed at military and financial targets in Eastern Europe. The group also used a fresh variant of the Bisonal backdoor, which allows the attackers to steal information, execute code on target machines and perform lateral movement inside a network. The samples have been compiled rapidly, with more than 20 of them per month appearing in the wild, Kaspersky researchers found. The backdoor was likely delivered to targets via spear-phishing emails with attachments containing exploits for known vulnerabilities.
Source: https://threatpost.com/cactuspete-apt-toolset-respionage-targets/158350/