Kremlin-backed hackers have new Windows and Android malware to foist on Ukrainian foes

"Civil Defense" pushes hybrid espionage/influence campaign targeting recruits.

Oct 28, 2024 - 18:03

Google researchers said they uncovered a Kremlin-backed operation targeting recruits for the Ukrainian military with information-stealing malware for Windows and Android devices.

The malware, spread primarily through posts on Telegram, came from a persona on that platform known as "Civil Defense." Posts on the @civildefense_com_ua Telegram channel and the accompanying civildefense[.]com.ua website claimed to provide potential conscripts with free software for finding user-sourced locations of Ukrainian military recruiters. In fact, the software, available for both Windows and Android, installed infostealers. Google tracks the Kremlin-aligned threat group as UNC5812.

Dual espionage and influence campaign

"The ultimate aim of the campaign is to have victims navigate to the UNC5812-controlled 'Civil Defense' website, which advertises several different software programs for different operating systems," Google researchers wrote. "When installed, these programs result in the download of various commodity malware families."
