New tools attributed to Russia-linked Gamaredon hacker group include a module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. The tool disables protections for running macro scripts in Outlook and to plant the source file for the spearphishing attacks that spread malware to other victims. The Russian-linked hacker group has been in the cyber espionage game since at least 2013, targeting national security institutions in Ukraine for political and military gain. ESET says the method is efficient because documents are often shared within the organization and it also achieves persistence.
Source: https://www.bleepingcomputer.com/news/security/gamaredon-hackers-use-outlook-macros-to-spread-malware-to-contacts/