A new and likely state-sponsored threat group has emerged that isn’t using any custom malware at all. Instead, the group is exclusively relying on publicly available hacking tools and living-off-the-land tactics to conduct an especially stealthy and hard-to-detect cyber espionage campaign. The group’s modus operandi has been to send Office lure documents to individuals at targeted organizations which when opened give the attackers a way to remotely execute commands in the victim’s memory using Microsoft’s Office Dynamic Data Exchange protocol.”]
Source: https://www.darkreading.com/attacks-breaches/new-threat-group-conducts-malwareless-cyber-espionage