Security experts at CISCO Talos have spotted a new insidious remote access tool dubbed ROKRAT that implements sophisticated anti-detection measures. The tool was used in a phishing campaign detected several weeks, attackers leveraged on weaponized documents as attachments. The attackers sent phishing messages from an email address tied to South Koreas Yonsei University on the topic of an upcoming and fictitious Korean Reunification and North Korean Conference The malware appears to connect and load either an Amazon video of a game called Men of War or a Hulu anime video.”]
Source: http://securityaffairs.co/wordpress/57709/malware/rokrat-rat-south-koread.html