Cyber espionage group DarkHydrus carrying out credential harvest attack on government entities and educational institutions in the Middle East. Researchers observed the ongoing spear-phishing email campaign with the subject Project Offer that contains malicious word documents as an attachment. Researchers also found another two malicious Word documents using the domain 0utl00k[.]net that is associated with September and November 2017 campaigns. Two of the documents were created using Phishery tool which provides the ability to install inject the URL into a Word document and hosting a C&C server.”]
Source: https://gbhackers.com/darkhydrus-malicious-hackers-group/

