Kaspersky: ‘MontysThree’ is taking aim at industrial targets in an ongoing cyberespionage campaign. The group, dubbed “MontyThree,” has been in operation since at least 2018. The malware is primarily interested in stealing documents, such as Microsoft Word and Adobe Acrobat files. The loader is delivered to potential victims through spear-phishing emails that contain attached files disguised as employee contact lists, technical papers or even medical documents. Some of the code appears to have been developed by a Russian-speaking operator.”]
Source: https://www.cuinfosecurity.com/industrial-espionage-campaign-uncovered-a-15148