KyivSandworm compromised Ukrainian networks using a fake CAPTCHA.
Russia’s military intelligence unit tricks victims into pasting malicious commands themselves, a technique migrated from criminal scams to state espionage.
Ukraine’s Computer Emergency Response Team is urging administrators to hunt for web shells and other signs of compromise.
Sources: Ars Technica