Italian authorities have arrested and charged two siblings for carrying out a cyber-espionage campaign against Italy's elite, with targets that varied from famous businessmen to high-ranking politicians, including Matteo Renzi, former Italian prime minister.
According to court documents (embedded below), the two used a simple scheme to infect their victims.
The two hired the services of a local programmer to develop their own brand of malware, a backdoor trojan, which authorities have named EyePyramid.Spear-phishing emails delivered EyePyramid malware
The two used simple spear-phishing emails sent to the high-ranking officials they wanted to infect. The emails came with a file attachment, which when opened would covertly install their malware.
EyePyramid would collect information from the target's system, such as passwords, sensitive documents, and more. The malware would upload this data to various online servers or send to an email address (via SMTP).