Threat investigators have uncovered a recent initiative aimed at the foreign affairs department of an undisclosed South American country, employing customized malware designed to provide remote access to compromised systems.
The operation, identified in November 2024, has been linked by Elastic Security Labs to a threat group they label as REF7707. Additional targets include a telecommunications firm and an academic institution,