From hackread.com
According to Trend Micro’s research, the attackers are luring users through geopolitical-themed scams to deliver the notorious NjRAT or Bladabindi malware. The victims of this campaign are mainly located in the Middle East and Africa.
According to Trend Micro researchers Peter Girnus and Aliakbar Zahravi, the attackers use public cloud storage services like files.fm and failiem.lv for hosting malware distributed through compromised web servers. Reportedly, the campaign has been active since mid-2022.