Russian state-sponsored hackers have recently targeted Ukrainian state networks, employing compromised VPN accounts and exploiting vulnerabilities in the popular archiving program WinRAR. The Ukrainian Government Computer Emergency Response Team (CERT-UA) revealed that the hackers, believed to be from the Sandworm group, gained access to the networks by exploiting VPN accounts lacking multi-factor authentication (MFA).