The spam emails which attacked OWA users, including Kaspersky, were sent using the pushdo botnet based on malware from the Backdoor.Win32.NewRes family. These Trojans spread via spam, social networks (in conjunction with the Koobface family) and through hacked websites. An analysis of the phishing site proves that the criminals are using rock phishing techniques typical rock phish structure and together with dynamic content which morphs to target users from the domain under attack.
Source: https://threatpost.com/outlook-web-access-attack-using-pushdo-botnet-101609/72335/