Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers

In a Wednesday threat advisory, Cisco Talos described a campaign it's observed in which a threat actor was offering a supposed distributed denial-of-service tool on Telegram that's purportedly meant to pummel Russian websites.
The crisis has brought both new threats and an influx of actors "of varying skill," Cisco said.
The cyber warzone has entailed the Conti ransomware gang's secrets getting spilled by a pro-Ukrainian member, furious phishing campaigns launched against Ukraine and those aiding Ukrainian refugees, the novel FoxBlade trojan, DDoS attacks against Ukraine's military and economy, campaigns using multiple destructive wipers, hackers affiliating themselves with the Anonymous brand hijacking Russian cameras, and more.
There is a group called disBalancer that distributes a "legitimate" DDoS attack tool called, ironically enough, Liberator, Cisco found - a tool for waging cyberwar against "Russian propaganda websites."
The infostealer is hoovering up a broad array of information, Cisco said.
The infostealer masquerading as a DDoS tool to attack Russian targets is just one example of the many ways cybercriminals are milking the invasion, exploiting sympathizers on both sides.
News URL
https://threatpost.com/malware-posing-russia-ddos-tool-bites-pro-ukraine-hackers/178864/