Kaspersky Global Research and Analysis Team (GReAT) uncovered a new backdoor based on open-source tools, dubbed GhostContainer. The previously unknown highly customised malware was discovered during an incident response (IR) case, targeting Exchange infrastructure within government environments. The malware may be part of an advanced persistent threat (APT) campaign targeting.