A fresh malware trojan has emerged, built from the same code base as the stealthy COMPFun remote access trojan (RAT) The malware is using spoofed visa applications to hit diplomatic targets in Europe and may be the work of the Turla APT. Kaspersky attributes the new RAT to the same threat actor which is perhaps the Turlas APT with medium-to-low level of confidence. The malware uses RSA encryption to exfiltrate the target s data to the C2 over.
Source: https://threatpost.com/innovative-spy-trojan-european-diplomatic-targets/155763/