InvisiMole was first uncovered by ESET in 2018, with cyberespionage activity dating back to 2013 in Ukraine and Russia. Researchers have spotted the group attacking a few high-profile organizations in the military sector and diplomatic missions, both in Eastern Europe. The threat group gave its post-compromise toolset a facelift with the addition of a new Visual Basic for Applications (VBA) macro, targeting Microsoft Outlook users. The updated toolset relies heavily on living off the land techniques, which are used across its four different execution chains.
Source: https://threatpost.com/invisimole-resurfaces-gamaredon-partnership/156674/