From malware.news
The ASEC analysis team is back to continuously introduce DOC macro documents used by the TA551 group in attacks. The operation flow of macro documents hasn’t changed since its introduction in July. However, we have confirmed that in the most recent case, BazarLoader was distributed at the last step after the macro was run.