Three new malware DOUBLEDRAG, DOUBLEDROP, and DOUBLEBACK, associated with a massive cyberespionage campaign, have been targeting several organizations in the U.S. The related phishing attacks were carried out by a new financially motivated threat actor group dubbed UNC2529.