Cyberattackers are targeting EU officials helping Ukrainian refugees with malware.

According to Proofpoint researchers, the goal of such an attack is to stop any attempt towards helping Ukrainian refugees.

“Proofpoint has identified a likely nation state-sponsored phishing campaign using a possibly compromised Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine,” Proofpoint researchers stated on the company’s website.

While the identity of the attacker remains unknown, the researchers claimed the attack was similar to the ones conducted by a hacking group dubbed Ghostwriter, also known as TA445 or UNC1151.

The attackers, in this case, have been identified as working in the interests of Belarus.

Proofpoint researchers had previously reported that Belarusian military hackers were targeting the private email addresses of Ukrainian military personnel “and related individuals.”

According to the researchers, the recent campaign targeting European officials could be the next stage of these attacks.