Malwarebytes Labs has detected a new phishing campaign that is likely targeting Russians who are opposed to the war in Ukraine. The campaign targets citizens and public servants with emails warning them about illegal software tools and internet platforms that are forbidden in the country.
Malwarebytes Labs explains that emails pretend to be from a Russian state entity, in order to lure victims to open a malicious attachment or link to find out more, only to be infected with Cobalt Strike.