'RomCom' Cyber Campaign Targets Women Political Leaders'RomCom' Cyber Campaign Targets Women Political Leaders
A threat group known as "Void Rabisu" used a spoofed Women Political Leaders Summit website to target attendees to the actual conference with espionage malware.

Attendees of August's Women Political Leaders Summit 2023 conference found themselves targeted by a spoofed event website loaded with a new cyber espionage malware variant called ROMCOM 4.0.
Leaders from all over the world attended the conference to explore the role of women in politics as well as prospects for peace in Ukraine. Specifically, the cyber espionage campaign targeted those helping to further gender equality in the European Union, according to a report from Trend Micro.
Just a year ago, Void Rabisu threat group was a a run-of-the-mill ransomware outfit, but the invasion of Ukraine offered an opportunity for the cybercriminals to get in on more nation-state, advanced persistent threat (APT) action, the Trend Micro report explained.
The group's primary malware strain has been updated to a new version, ROMCOM 4.0, and is used primarily to target politicians, the military, and government employees, Trend Micro observed.
"While we have no evidence that Void Rabisu is nation-state-sponsored, it's possible that it is one of the financially motivated threat actors from the criminal underground that got pulled into cyberespionage activities due to the extraordinary geopolitical circumstances caused by the war in Ukraine," the report added.
About the Author
You May Also Like
Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025Shift Left: Integrating Security into the Software Development Lifecycle
Mar 5, 2025