Google Links Suspected Russian Actor to CANFAIL Malware Attacks

Google Threat Intelligence Group (GTIG) has attributed attacks using the CANFAIL malware to a previously undocumented threat actor suspected of being affiliated with Russian intelligence services. The targets include Ukrainian organizations in the defense, military, government, and energy sectors. No specific dates or additional technical details about CANFAIL are mentioned. The impact involves intrusions targeting critical infrastructure in Ukraine.