Women Political Leaders Summit targeted in RomCom malware phishing

The Women Political Leaders (WPL) Summit in Brussels was targeted by a new and lighter variant of the RomCom backdoor. ‘Void Rabisu’, thought to be the group behind the attack, used a counterfeit WPL website to trick visitors into downloading malware. The RomCom 4.0 malware is significantly changed, making it harder to detect. The group’s shift from ransomware to exploiting zero-day vulnerabilities in Microsoft products suggests an increased focus on high-level cyber espionage.