XDSpy Phishing Targets Russian and Moldovan Firms
1. XDSpy targets Russian and Moldovan companies with phishing attacks deploying DSDownloader malware.
2. XDSpy, a group uncovered by CERT.BY, has been active since 2011, focusing on Eastern Europe.
3. Attacks use spear-phishing emails to deliver XDDown malware, which gathers system information and passwords.
4. New attacks involve phishing emails carrying RAR archives that rely on DLL side-loading to run DSDownloader.
5. Recent cyber activity includes attacks by Core Werewolf, Turla, and UAC-0057, as well as hacktivist disruptions.
