PULSE NAME
Cobalt Strikes Again: Spam Runs Use Macros and CVE-2017-8759 Exploit Against Russian Banks
WHITE cottie2 2017-11-25 Modified: 2017-11-25
0
IOCs
LOW VOLUME
From Trend Micro Blog: The waves of backdoor-laden spam emails we observed during June and July that targeted Russian-speaking businesses were part of bigger campaigns. The culprit appears to be the Cobalt hacking group, based on the techniques used. In their recent campaigns, Cobalt used two different infection chains, with social engineering hooks that were designed to invoke a sense of urgency in its recipients—the bank’s employees. Cobalt was named after Cobalt Strike, a multifunctional penetration testing tool similar to Metasploit.
Indicators of Compromise (0)
No indicators.