Intrusions offering a fraudulent fix for the issue were reported by cybersecurity researcher g0njxa and AnyRun to have been conducted to deploy the Remcos RAT trojan.
Attackers leveraged spear-phishing to lure targets into downloading an MSI installer for Skype for Business from a domain resembling one belonging to the Italian government.
Attacks by Kimsuky commenced with the distribution of Japanese security and diplomatic organization-spoofing phishing emails with a malicious ZIP file.