This is one of the stories that passed relatively quietly under the radar
The initial attack vector was an application with a job offer via LinkedIn
The attackers impersonated various officials.
The next step was to try to install malware on the victim's computer. This attempt was rejected in real time according to the article.
And again - the initial attack vector is social engineering against the human factor.