Russian Hackers Tricked Ukrainians with Fake "DoS Android Apps to Target Russia"
Jul 20, 2022
Russian threat actors capitalized on the ongoing conflict against Ukraine to distribute Android malware camouflaged as an app for pro-Ukrainian hacktivists to launch distributed denial-of-service (DDoS) attacks against Russian sites. Google Threat Analysis Group (TAG) attributed the malware to Turla, an advanced persistent threat also known as Krypton, Venomous Bear, Waterbug, and Uroburos, and linked to Russia's Federal Security Service (FSB). "This is the first known instance of Turla distributing Android-related malware," TAG researcher Billy Leonard said . "The apps were not distributed through the Google Play Store, but hosted on a domain controlled by the actor and disseminated via links on third party messaging services." It's worth noting that the onslaught of cyberattacks in the immediate aftermath of Russia's unprovoked invasion of Ukraine prompted the latter to form an IT Army to stage counter-DDoS attacks against Rus...