We identified targeted infection attempts against large Russian organizations using the ViPNet update system (a software suite for creating secure networks).