While this advisory and release comes as the United States election approaches on November 3rd, it has not been uncommon for US cyber-security agencies to make announcements on well-known holidays, such as the Valentine’s Day release of malware associated with the DPRK. However, with the history of US-Russa Relations and election interference, forcing Russian government-backed threat actors into a development cycle to retool and avoid detection by security programs would not be an unusual tactic for the US government to take. As of November 2nd, the Zebrocy malware samples were detected by 49 out of 72 anti-virus programs, and the ComRATv4 sample was detected by 20 anti-virus programs. It is important for defenders to not just rely on anti-virus to detect threats, since malware signatures often lag behind the use of the malware, and threat actors can easily change file hashes and patterns. Endpoint Detection and Response (EDR) software that detects patterns of behavior on systems are much more effective at finding threats, provided that they are monitored by skilled analysts who respond when unusual behavior is detected.

References:
https://www.zdnet.com/article/us-cyber-command-exposes-new-russian-malware/

An implant dropper dubbed #ComRATv4 recently attributed by @CISAgov and @FBI to Russian sponsored APT, Turla. It was likely used to target ministries of foreign affairs and national parliament.
@CNMF_CyberAlert continues to disclose #malware samples on: https://t.co/fSgk1xpG8t pic.twitter.com/c2jmozTAyB

— USCYBERCOM Cybersecurity Alert (@CNMF_CyberAlert) October 29, 2020