Operation Vendetta RoboSki
A new threat group known as "Vendetta" was discovered in early 2020 targeting entities with spear-phishing emails to steal sensitive information. Fake letters from multiple organizations were used as lures and convince victims to open the malicious attachments. The malware was discovered in various regions including North America, Eastern Europe, Western Europe, South East Asia, and North Africa. After the attachment is opened the malicious software runs in memory and can evade sandboxes, bypass anti-virus, and download additional files onto the infected system.