RomCom leveraged a fake website to redirect targets to an exploit-hosting server, which then facilitated the deployment and execution of the RomCom backdoor that could enable further payload compromise.
Article Link: New RomCom attacks involve Windows, Firefox zero-day exploits | SC Media