The group now uses MS Office Word documents to deliver malicious payloads to victims’ machines. The Evilnum APT group’s attacks coincide with the Russia-Ukraine conflict. The group primarily targets fintech firms in the U.K. and Europe. Zscaler’s ThreatLabz researchers say they have identified several previously undocumented domains associated with the Evilnum advanced persistent threat group; they say this indicates the group has been successful at flying under the radar and has remained undetected for a long time.
Source: https://www.cuinfosecurity.com/evilnum-hacking-group-updates-ttps-targeting-fintech-a-19496