The malware reportedly bears similarities to code used in previous cyberattacks that the US government linked to Russia. Hackers associated the malware used in the most recent botnet plague with a group of photos on Photobucket (which have since been deleted) and a domain now under the FBI's control. That infrastructure installed malicious plugins every time a router connected to it, but the plugins vanish every time an infected device is rebooted, with only the core malware code remaining. So, the photo deletion and domain seizure will severely limit the effectiveness of the malware network. Router owners were still advised to reboot their devices and update the firmware using official sources as soon as possible.
Ukraine had understandable reasons for believing it was once again a cyberattack target. It's endured several cyberattacks over the last few years -- one knocked a power grid offline, while another hit an airport, banks and the Ukraine government.