New DownEx Malware Used Against Targets in Central Asia

A cyberattack campaign was observed against foreign government institutions in Kazakhstan and Afghanistan using decoy documents that impersonate real diplomats. Attackers used a new malware family dubbed DownEx by Bitdefender Labs. It can move laterally to traverse local and network drives to extract a wide range of files from various formats, including Word, Excel, and PowerPoint documents, videos, images, PDFs, and compressed files.