The Trojan Target Government of Belarus
Group 42 Palo Alto Networks conducted a work in which it identified a number of phishing emails containing updated versions of the previously discussed CMSTAR malware family. The first mention of this time-honored program was in the spring of 2015, and then in 2016.
This article provides the examples of a total of 20 unique letters, which were focused on the government of Belarus. The researchers discovered two new versions of the CMSTAR malware family. Between the identified samples and others that they discovered when expanding the scope of research, and they identified two previously unknown families of malware. More information can be found in this article.