The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics.
https://threatpost.com/apt-harvester-telco-government-data/175585/
Also on the rise: DDoS attacks against Ukrainian sites and phishing activity capitalizing on the conflict, with China’s Mustang Panda targeting Europe.
https://threatpost.com/russian-apts-phishing-ukraine-google/178819/