In this present case, the attackers were targeting government organizations in Azerbaijan, Greece, Romania, and Italy, with fake BMW sales. But how did they do it?
Well, they sent emails to the employees within the embassy, offering a diplomatic BMW car at an attractive price. The images of the car were stored in a ZIP or RAR file. When the employee open the file to view the images of the car, the malicious code would install itself in the background.
