Decrypt LOL

FINALDRAFT Malware Targets South American Foreign Ministry

🖥️🌍 New malware campaign targets South American foreign ministry with advanced espionage tools. A recent analysis by Elastic Security Labs has revealed a sophisticated cyber espionage campaign, attributed to the threat cluster REF7707, targeting the foreign ministry of an unnamed South American country. The campaign, detected in November 2024, employs bespoke malware named FINALDRAFT, which allows remote access and command execution through the Microsoft Graph API. Researchers noted that the attackers likely had valid network credentials, enabling lateral movement within the compromised environment. The campaign also involved targets in Southeast Asia, including a telecommunications entity and a university, highlighting its broad scope and potential implications for international security.
