Attacks by RedDelta commence with spear-phishing emails using Mongolian flood protection, Taiwanese presidential candidate Terry Gou, and an Association of Southeast Asian Nations meeting as lures that contain malicious MSI, MSC, and LNK files to facilitate PlugX malware compromise, according to an analysis from Recorded Future's Insikt Group.