Servers of one ofEstonia's biggest oil shale companies Viru Keemia Grupp hosted malware associated with GRU. APT28/ Suspicious traffic was monitored inthe company's network last year that led to the discovery of Mimikatz software used to collect identity keys, like passwords& password hashes〜