New FinalDraft Malware Spotted in Espionage Campaign - SecurityWeek
A new malware family consisting of PathLoader and FinalDraft is being used in an espionage campaign targeting Windows and Linux systems. FinalDraft, written in C++, uses Outlook via the Microsoft Graph API for communication, which enables data exfiltration, process injection, and file manipulation. The malware includes sandbox evasion capabilities and has been linked to attacks on a South American nation’s Foreign Ministry and to compromises in Southeast Asia.