Attackers leveraged spear-phishing to lure targets into downloading an MSI installer for Skype for Business from a domain resembling one belonging to the Italian government.
Attacks by Kimsuky commenced with the distribution of Japanese security and diplomatic organization-spoofing phishing emails with a malicious ZIP file.