More than a dozen military-industrial and public institutions in Afghanistan and Europe have come under a wave of targeted attacks since January 2022 to steal confidential data using six different attack methods simultaneously.

The Russian cybersecurity firm attributed the high-security attacks to a China-linked threat actor tracked by Proofpoint. Tactics and techniques pointed to overlaps in procedures.

Attack chains plan to infiltrate corporate networks using phishing emails, including from applicants, to lure recipients into opening fake Microsoft Word documents.

Precautions to be taken in order to be protected from such attacks;

• Do not download files from unsafe links,
  

• Do not click on irrelevant links,
  

• Use advanced Anti-Virus applications,
  

• Do not visit unsafe websites,
  

• Provide awareness training to users.