Ukrainian and Polish government agencies are being impacted by an Aperetif malware campaign launched by the WinterVivern hacking group, which emerged last June, according to The Record, a news site by cybersecurity firm Recorded Future. WinterVivern has been spreading the Aperetif info-stealer through fraudulent websites spoofing Ukraines Ministry of Foreign Affairs and Polands Central Cybercrime Bureau, with attackers delivering phishing emails that use defenses against Russian cyberattacks as lures to government employees, a report from the Computer Emergency Response Team of Ukraine revealed. Such emails include a link redirecting to a website facilitating the download of software containing the payload that enables screenshot capturing, file scanning, and user data exfiltration. No details regarding the extent of the attacks have been shared by CERT-UA. Fake websites were previously used by WinterVivern in campaigns that involved the impersonation of Ukraine's Security Service and Ministry of Defense, as well as the Polish police.