...the tool uses “a variety of techniques to evade detection, including hosting its communications with the control server on public cloud services and hiding the main malicious module using steganography.”
...files are disguised to trick employers into downloading them. They contain names related to employees’ contact lists, technical documentation, and medical analysis results to trick employees as part of a common spear-phishing technique...
MontysThree is designed to specifically target Microsoft and Adobe Acrobat documents, Kaspersky said. The malware can enable attackers to capture screenshots and gather information about the victim’s network settings, hostname, etc. more
