Researchers at Cluster25 have identified a new campaign that is using a new code execution technique that relies on mouse movement. The campaign leverages a PowerPoint document and requires the victim to hover their mouse over the malicious link in the document for the attack to begin. Once the mouse hovers the link, a malicious PowerShell script is triggered which in the end delivers the Graphite malware. Attacks have been seen as recently as September 9th.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in