U.S. energy providers were targeted by spear-phishing campaigns delivering a new remote access trojan (RAT). The attacks took place between July and November 2019, and the threat actor behind them was tracked as TA410. The malware, dubbed FlowCloud, is a full-fledged RAT that gives the TA410 operators total control over compromised devices, as well as the capability to harvest information and exfiltrate it to attacker-controlled servers. The attackers may have tried to pose as another hacking group, namely TA429 (APT10), by including the http://ffca.com/ffca/.com/rwjh/qtinfo.txt URL as an alternate download server.
Source: https://www.bleepingcomputer.com/news/security/us-energy-providers-hit-with-new-malware-in-targeted-attacks/

