Incident with unknown and undetected malware
Responding to an alert at one of our customers we came across the following incident.
The customer was phished with a seemingly targetted phishing attack back in late April through the site diymania[.]eu (behind cloudflare) (URL: hxxp://diymania[.]eu/hvilke-fordele-er-der-ved-bredygtig-energi.html (dead now)). The original link was most probably delivered through a mail to the user (not recovered).
Only a single client machine was affected....