Google researchers discovered malware, run by a Russian state-backed group, that had been disguised as a pro-Ukraine app. The Threat Analysis Group (TAG), the Google research group which tracks state-sponsored hacking, published the details in a blog post.

Cyber Azov – an app based on the Azov Regiment, a far-right Ukrainian military unit – was created by Turla, a Kremlin-backed hacking group which gained notoriety for infiltrating American and European organisations using malware.

The app was distributed through a domain controlled by the Russian hacking group. Cyber Azov needs to be manually installed via an APK application file, as opposed to being hosted on the Google Play Store. According to TAG’s research, the website claims that the app launches denial-of-service attacks on Russian websites but, in truth, it has no effect at all.

However, analysis of the Cyber Azov APK via VirusTotal shows that the app contains a Trojan. TAG’s blog indicates that the number of downloads of Cyber Azov is low. The only downside is that the domain is still up and running, meaning that Android users could still be tricked into getting the app.

TAG has also flagged exploitation of the Follina vulnerability in the Microsoft Office suite, which allows hackers to take control of systems using malicious Word documents. The research team says that this exploit has been used by groups which have links to the Russian military to target Ukrainian media organisations.

The spoofed app made by Russian hackers is indicative of a trend in the cyber war being fought during the current Russia-Ukraine conflict, i.e., exploiting those who would seek to help the Ukrainian war effort. Keeping in mind that a lot of the support is decentralised and coming from all over the world, such spoofed apps are difficult to pinpoint and, subsequently, shut out.

In the first few days of the fighting, hacking groups linked with Anonymous hit a variety of Russian companies, hacking them and exposing their data by posting it publicly. However, the material impact of those actions on the course of the Russia-Ukraine conflict remains unknown.

Despite this, Ukraine’s own hacking groups have made headlines time and again for hitting Russian targets through denial-of-service attacks. These efforts are co-ordinated loosely through a government-endorsed Telegram channel, and analysts are saying that this new method of cyberwarfare may change the way such battles are fought in the years to come.