Christopher Cwalina is a Partner in Holland & Knight's Washington D.C. office
In March 2016, a financially motivated threat actor launched several tailored spear phishing campaigns primarily targeting the retail, restaurant and hospitality industries. The emails contained variations of Microsoft Word documents with embedded macros that, when enabled, downloaded and executed a malicious downloader. The downloader was used by the threat actor to interact with compromised systems and move laterally across victim environments. Holland & Knight's Data Breach Team assisted a number of clients in investigating and remediating the fallout from this campaign.
Just today, FireEye issued an alert about this threat actor. More information can be found on the FireEye blog.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.