Check Point Research has identified new variants of the long-dormant Bandook spyware that are being used for espionage campaigns across the world. The malware is believed to have originated with the Lebanese General Security Directorate in Beirut, an intelligence agency. The latest Bandook versions are spread as malicious Microsoft Word documents within a zip file that is disguised to appear as though it originated with cloud-based services such as Office365, OneDrive or Azure. Check Point researchers note the latest malware has been used to target government, financial, energy, food industry, healthcare, education, IT and legal organizations.”]
Source: https://www.cuinfosecurity.com/researchers-find-updated-variants-bandook-spyware-a-15485