Fancy Bear: Russian hackers planted Android malware to track Ukrainian artillery units

Demonizing the Red Menace during election times is again the trend du jour in the US, for the horror of those who had to perform Duck and Cover under school desks during the Cold War drills. It seems as if the world hasn't moved much since then, as the Democrats claim that Russian hacking has won Donald Trump the election, or at least were trying to nudge it towards someone that would be less obstructive towards their role at the world stage than Secretary Clinton.

Cyber security company CrowdStrike is the one that claims it has traced the DNC leaks to Russian hacking groups, one of which is lovingly titled Fancy Bear, codename APT 28 (for advanced persistent threat). That same cooperative, with potential connections to the Russian military intelligence, has also used Android malware for its hacking purposes for the first time in Ukraine, says CrowdStrike.

The bears who code apparently posted links to an infected Android app on the Russian version of Facebook - vKontakte - and used it to track Ukrainian artillery units. The app has been developed by an Ukrainian officer to help process targeting data faster, and has been distributed in forums and profiles used by artillery unit commanders. 

That's where Fancy Beat allegedly stepped in, infected the legit app, and collected communications, as well as tracked location of the Ukrainian artillery units as one more tool in the targeting arsenal of the separatist eastern regions. That's evidently the first time we learn that Android malware has been used for hacks directly at the frontlines. This report comes hot on the heels of another one that explains how the Russians hacked US-supplied Raven drones to monitor Ukrainian military positions, so mark another debut in this new type of cyber war. 

Experts agree that the first salvos in the digital battlefield were fired when US and Israeli intelligence planted the Stuxnet virus to try and destroy the Iranian centrifuges, and every adversary had to mount up in response, so the blowback from these efforts has now cascaded all the way down to the Android phone of your average Ukrainian artillery officer. Sign of the times.


source: CrowdStrike via Reuters

FEATURED VIDEO

9 Comments

1. Ticklemyfancy

Posts: 214; Member since: Oct 09, 2016

Crazy Russian Hacker

2. AlikMalix unregistered

Now Russians are going to be labeled favoring Apple...

3. gotoAndDie

Posts: 82; Member since: Jun 13, 2015

Nah, they're just doing their jobs.

4. Mxyzptlk unregistered

So what happened to Android being secure?

5. mr.reckless562

Posts: 162; Member since: Dec 22, 2016

you were born

6. sissy246

Posts: 7129; Member since: Mar 04, 2015

None are secure. And don't you use a android phone. P9 isn't it.

7. ctdog4748

Posts: 797; Member since: Mar 05, 2016

All the usual android lunatics conveniently skipped this article. Hmmmm, I wonder why......

8. Mxyzptlk unregistered

Of course, as usual.

9. iushnt

Posts: 3152; Member since: Feb 06, 2013

Coz it's not interesting. Like how u and mxy skip some anti apple articles..

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.