The Security Service of Ukraine (SBU) has said that a hacking group controlled by the Russian special services attempted to attack Ukraine with new malware, Win32/Exaramel, which is an improved version of the Industroyer backdoor. The malware is to blame for the blackout in Kyiv in December 2016.
The SBU website said that the new malware can remotely administer the operating system, copy files, track users' actions and intercept passwords.
The attack was identified with the help of a well-known antivirus company; its consequences were localized and the cyber threat to government infrastructure was minimized.
More details are available from the blog post by ESET which alerted Ukrainian law enforcers to a new threat.