From 2-spyware.com
The Advanced Persistent Threat group named Evilnum used Python remote access trojan in attacks on financial tech organizations.[1] Spear-phishing attack allowed hackers to hide in the Windows system as several legitimate programs, so the RAT could work as it was designed for and exfiltrate data, run various commands.[2] Targets were mainly UK and Europe fintech firms.[3]