It was used most recently to target users in Afghanistan, Russia, Tajikistan, Kazakhstan and Kyrgyzstan.
it has also surfaced in attacks from the Chinese Advanced Persistent Threat Actors (APT).
Researchers have identified other RATs, keyloggers and file stealers as well.
The campaign has been active since at least June 2014.
The trojan, is being delivered by email spear phishing.
The aim of this malware is to utilize vulnerabilities in Microsoft Word to install itself onto the target system.
However, in the attacks analyzed by ESET, the exploit doesnt work correctly.
Side Loading
A clever trick has been implemented by Korplug RAT.
In this operation, the attackers configured PlugX to connect to domains such as adobe.com and outlook.com.
source: www.techworm.net
