Russian threat actor Gamaredon targeted Ukrainian organizations in a phishing campaign. The hackers sent malicious emails with lures related to the Russia-Ukraine conflict, including attachments labeled “Information on war criminals of the Russian Federation” and “Necessary_military_assistance.” The emails contained malware which allowed Russian operators to conduct espionage.