Security researchers at Palo Alto Networks have uncovered a new cyber espionage group tracked as RANCOR that has been targeting entities in South East Asia. The hackers leverage spear phishing messages using weaponized documents containing details taken from public news articles on political news and events. These decoy documents are hosted on legitimate websites, such as the website of the Cambodia Government, and Facebook. The recent campaign appears related to the KHRAT Trojan, a backdoor that was associated with the China-linked APT group.”]
Source: https://securityaffairs.co/wordpress/73927/apt/rancor-cyber-espionage.html