Threat group TA800 is distributing a new malware loader based on Nim programming language. The Nimza loader is designed to help avoid detection, cybersecurity company Proofpoint says. The malware is exclusive to TA800, and we’ve only seen it distributed once. This could be a sign of more to come, experts say. TA800 was responsible for a wave of attacks against the healthcare sector last year using a loader called Baza loader. The switch to using Nim is a good example of how threat actors are constantly changing tactics to avoid detection.”]
Source: https://www.govinfosecurity.com/spear-phishing-campaign-distributes-nim-based-malware-a-16176