From thehackernews.com
A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines for the naval arm of the Russian Armed Forces.
The phishing attack, which singled out a general director working at the Rubin Design Bureau, leveraged the infamous “Royal Road” Rich Text Format (RTF) weaponizer to deliver a previously undocumented Windows backdoor dubbed “PortDoor,” according to Cybereason’s Nocturnus threat intelligence team.