The latest attack wave of the Pacifier APT uses spear-phishing mails and highly obfuscated code to infiltrate targets of interest.
The spear-phishing mails have been seen holding fake documents on oil conferences, international politics, and budget calculations.
The Pacifier APT has been seen in the following countries:
- The Philippines
The report that has been published by BitDefender shares the following indicators of interest:
All the sites above seem to be compromised web servers
You can read the full report by BitDefender here