Researchers shed light on evolving objectives of the Void Rabisu hacking group as they uncovered a campaign that used a fake version of the Ukrainian army’s Delta situational awareness website to lure targets into installing the RomCom backdoor. While their previous operations were centered on data exfiltration and intelligence collection, the latest campaign suggests their interest in sabotage, disruption, or even financial gain.