Researchers have uncovered an ongoing spear-phishing campaign targeting Ukraine government agencies. The campaign was recently spotted targeting government entities in Ukraine via emails containing malicious LNK files with PowerShell scripts, which then downloaded a second-stage payload. Infrastructure analysis indicates the actors behind the intrusion activity may be associated with the Luhansk People s Republic (LPR), a proto-state in eastern Ukraine which declared independence in 2015. LPR declared independence from Ukraine in 2014, and conflict between the two is still going on as of April 2019.
Source: https://threatpost.com/ratvermin-spyware-targets-ukraine-gov-agencies/143827/