IBM Trusteer researchers have identified targeted cyberattacks on several Middle Eastern petrochemical companies in which attackers use a variant of the evasive Citadel malware. Citadel was originally created for the purpose of stealing money from financial institutions and has been massively distributed on users PCs around the world. The malware operates according to instructions provided in a configuration file. The configuration file instructs Citadel on which websites and applications to target, which information to steal and how to steal it. Citadel malware was instructed to look for user access to certain URL addresses of internet-connected systems, such as webmail, in the targeted companies.”]