Pulse name: Energy and Power Sector Cyber Threat Intel - Key Insights (May 2022)
TLP: WHITE | Informational | Author: SVThreatIntel | Created: 2022-06-27 | Modified: 2022-07-27
33 IOCs (medium volume)
In May, an updated version of the ArguePatch malware loader was used in the Industroyer2 attack against a Ukrainian energy provider. The same loader was also used in several other attack campaigns, including ones delivering the data-wiping malware CaddyWiper. The group behind the attacks is the Sandworm APT group, which regularly updates its arsenal for campaigns targeting Ukraine.

Other Major Incidents

The Anonymous collective continued to target Russia with cyberattacks aimed at state institutions and business entities.

An e-mail was discovered that had been delivered to a coffee company in Ukraine and appeared to be sent by an oil provider in Saudi Arabia. Posing as a purchase order, the body of the e-mail displayed a PDF file image that was in fact a link to an ISO file (GuLoader). The fluctuations in the energy market motivated the attackers to exploit the global interest in the topic.
MITRE ATT&CK & Malware Families

Malware families: ArguePatch
Indicators of Compromise (1 / 33 total)
TYPE   INDICATOR                                          DESCRIPTION   CREATED
URL    http://bounceclick.live/VVB/COrg_RYGGqN229.binb    (none)        2022-06-27