The universal modular cyber-espionage toolkit
The Operation Potao Express whitepaper by Robert Lipovsky and Anton Cherepanov presents ESET’s latest findings based on research into the Win32/Potao malware family. Even though the malware was detected long ago by ESET and a few other anti-virus companies, it hasn’t received any public attention since 2011, when the first known samples were detected. Like BlackEnergy (a.k.a. Sandworm, Quedagh), Potao is an example of targeted espionage (APT) malware detected mostly in Ukraine and a number of other CIS countries, including Russia, Georgia and Belarus.
Read the whitepaper in full here - http://www.welivesecurity.com/wp-content/uploads/2015/07/Operation-Potao-Express_final_v2.pdf