Pages

23 July 2022

Russia sought to unmask Ukrainian hackers with malware app, Google says

JULIA MUELLER 

Russian hackers apparently disguised and advertised a malware-infected Android app as a tool to fight back against Moscow in an effort to expose Ukrainian hackers.

Google’s Threat Assessment Group (TAG) released a report Tuesday explaining that Russians disguised the malicious app as one that would launch Denial of Service attacks on certain Russian websites — and distributed the app from a domain masked as an extension of the Ukrainian National Guard’s Azov Regiment.

The distributor, Turla, is a group TAG attributes to the Russian Federal Security Service.

“Join the Cyber Azov and help stop russian aggression against Ukraine!” reads the advertisement on the third-party site distributing the apps, according to a screenshot shared by Google. “We have developed an Android application that attacks the Internet infrastructure of Russia.”

In a report published Tuesday, a Google spokesperson told Vice that the app was likely intended to expose Ukrainians who would click the link and seek to engage in such an attempt to stop Russian aggression and attack Russia’s infrastructure.

The Hill has reached out to Google for additional comment.


But the Ukrainian government — and the country’s volunteer “IT Army” — have hit back, defending Ukraine on the digital battlefield against Russian disinformation campaigns and attacks on Ukraine’s power grid.

Turla has been known to launch cyberattacks in Ukraine and elsewhere, but Google reports this as “the first known instance of Turla distributing Android-related malware.”

Google’s TAG found a similar app first distributed in March, “StopWar.apk,” which the group believes was developed by Ukrainians and became the “inspiration” for Turla’s spoof.

Google reports that the download count for Turla’s malware app was “miniscule.”

No comments:

Post a Comment