Hive0117 group targets Russian firms with new variant of DarkWatchman malware

The Hive0117 cybercrime group targeted Russian organizations across various sectors with a phishing campaign using a modified version of the DarkWatchman malware. The campaign, detected on April 29th, involved mass emails with password-protected archives that, when opened, installed the malware.