Phishing has continued to be one of the most common means of initial access for threat actors of all skill levels. In this instance, the actor was likely trying to steal credentials and information concerning the DELTA program in order to assist with counterintelligence. Protecting against phishing campaigns is often difficult as it takes just one user to fall victim to the campaign to be successful – it is even more difficult with advanced phishing campaigns such as this that are coming from legitimate senders and include fake applications that mimic real processes. In the end, the best means to protect against phishing is to provide user training on how to identify these emails, employing an email monitoring solution to monitor URLs and attachments, and employing a defense-in-depth detection strategy to detect other techniques used post-compromise.
https://www.bleepingcomputer.com/news/security/ukraines-delta-military-system-users-targeted-by-info-stealing-malware/
