Es ist zwar "holiday season", aber trotzdem solltet Ihr Euch um Qualität & Recherche bemühen:
Eine ausführliche Analyse ( ziemlich lang ) findet sich unter
https://www.wordfence.com/blog/2016/12/russia-malware-ip-hack/
Die Zusammenfassung lautet
"... The IP addresses that DHS provided may have been used for an attack by a state actor like Russia. But they don’t appear to provide any association with Russia. They are probably used by a wide range of other malicious actors, especially the 15% of IP addresses that are Tor exit nodes.
The malware sample is old, widely used and appears to be Ukrainian. It has no apparent relationship with Russian intelligence and it would be an indicator of compromise for any website. ..."