EXECUTIVE SUMMARY
Cyber spies have infected hundreds of computers at government agencies using malware stitched together from JavaScript code and publicly available tools. Because of the type of damage and government agencies being targeted, the motive for the attack appears to be espionage rather than crime for profit. The attack, which used spear-phishing emails containing malicious Microsoft Office documents, shows that cyber-espionage groups don’t need to invest a lot of money to develop successful malware.