At least 400 industrial companies in Russia have been targeted by this attack, including companies in the following industries. The main goal of the attack is to steal the money from the targeted organization by compromising them via remote administration software. Cybercriminals using the various new technique to evade detection in the targeted system. Kaspersky researcher: Hooking Windows API functions enables attackers to hide TeamViewer windows, protect malware files from being detected. Attackers using various sophisticated malware in order to perform post exploitation such as privilege escalation and obtaining local administrator privileges.”]
Source: https://gbhackers.com/malicious-hackers-abuse-teamviewer-rms/