A U.S. government agency was targeted with spear phishing emails harboring several malware strains including a never-before-seen malware downloader that researchers call Carrotball s The malicious email campaign included six unique malicious document lures being sent as attachments from four different Russian email addresses to 10 targets. The subject matter of the lures featured articles written in Russian pertaining to ongoing geopolitical relations issues surrounding North Korea. Researchers say they assess with moderate confidence that the activity is related to the Konni Group APT.
Source: https://threatpost.com/u-s-gov-agency-malware-laced-emails/152141/