Operation Fake Veteran
The Tortoiseshell threat group created a phishing website targeted toward U.S. military veterans who were looking for employment. The fake site contained three links to entice the victim to install a malicious application. Once the malware was installed it collected a range of system data and sent the information back to the attacker. The group also deployed a remote access trojan on the infected system known as "IvizTech" for persistence.