Researchers warn that U.S. firms are being targeted with legitimate but trojanized documents that are often socially engineered to a tee. The campaign is highly sophisticated, using legitimate documents that the targets were likely expecting, which have been booby-trapped. Threat actors used anti-evasion tactics such as utilizing obscure file formats (including the Kodak FlashPix format), which make them harder to detect by antivirus products. The most recent document associated with the campaign, modified on Aug. 20, featured a report on the construction of a new ballistic missile submarine (SSB)
Source: https://threatpost.com/north-korean-spear-phishing-attack-us/148299/