Ukraine supporters in Germany targeted with PowerShell RAT malware

An unknown threat actor is targeting German users interested in the Ukraine crisis, infecting them with a custom PowerShell RAT (remote access trojan) and stealing their data.

The malware campaign uses a decoy site to lure users into fake news bulletins that supposedly contain unreleased information about the situation in Ukraine.

These sites offer malicious documents that install a custom RAT that supports remote command execution and file operations.

Read more…
Source: Bleeping Computer