Security researchers have detected a new information-stealing malware variant that is targeting Ukrainian organizations. The infostealer has been named Graphiron and has been linked to the Russia Nodaria group. Symantec, the security firm that found the information stealer, states that the group has been active since at least March 2021. Nodaria was first recognized for the WhisperGate attacks that targeted Ukrainian organizations at the beginning of the conflict.

Similar to other infostealers used by the group, Graphiron is written in Go and likely deployed via spear phishing emails. The malware consists of a downloader and a payload and can steal data such as system information, files, screenshots, and credentials. Security experts have warned of a new slate of cyberattacks on Ukrainian critical infrastructure ahead of a Russian offensive in Donbas.

Read More: New Info-Stealer Discovered as Russia Prepares Fresh Offensive