The attack, discovered in 2022, was investigated by cybersecurity firm Volexity, which identified the victim as Organization A. The attack was discovered right before Russia’s invasion of Ukraine and the hackers’ goal was apparently to obtain “data from individuals with expertise on and projects actively involving Ukraine”.What makes the attack stand out is the use of what Volexity described as a new technique which the company has named Nearest Neighbor Attack.According to Volexity’s investigation, the attacker managed to obtain credentials to an internet-facing service used by Organization A through password spraying, but the credentials could not be used due to multi-factor authentication.