What do leaked DNC emails and the Ukrainian army have in common? Russian Android malware

It's no secret that both the FBI and CIA now believe that Russian hackers were responsible for leaks during the US election which damaged the Democratic National Committee and potentially handed an advantage to Republican candidate Donald Trump.

On Thursday, however, CrowdStrike, a cyber security firm based in Irvine, California, released a report outlining another hack, which targeted the Android devices of Ukrainian separatists fighting in Eastern Ukraine in 2014 and gave the Russian military essential location information about artillery units that was used to target strikes and coordinate military action.

According to Dmitri Alperovitch, co-founder of CrowdStrike, the software used in the DNC hack was a variant of that used to target the Ukrainian separatists, and is most likely being used by a Russian hacking group known as Fancy Bear, aka APT 28, which is believed to work primarily for Russia's military intelligence agency.

The malware implant in Ukraine leveraged a legitimate Android application, developed by a Ukrainian artillery officer to process targeting data more quickly, CrowdStrike said, with co-founder Dmitri Alperovitch adding:

"This cannot be a hands-off group or a bunch of criminals, they need to be in close communication with the Russian military"

The deployment "extends Russian cyber capabilities to the front lines of the battlefield" and "could have facilitated anticipatory awareness of Ukrainian artillery force troop movement, thus providing Russian forces with useful strategic planning information", the report said.

According to CrowdStrike, the Ukrainian malware implant would be the first time malicious software from Fancy Bear has been found on the Android platform. The affected app was promoted on a Russian social media website and downloaded directly; there is no evidence that it was made available on the Google Play Store, which limited its distribution.

The prospect of malware on Android being used by Russian intelligence in both front-line conflict and within the political spectrum will reinforce the ever-evolving view that modern-day warfare, as well as espionage, is going to be fought on the digital front as much as the physical front. The news will also reinforce the message from companies like BlackBerry and Boeing that device security will be absolutely paramount for government and military organisations in the future.

Source: Reuters
