Security News > 2022 > March > Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers
In a Wednesday threat advisory, Cisco Talos described a campaign it's observed in which a threat actor was offering a supposed distributed denial-of-service tool on Telegram that's purportedly meant to pummel Russian websites.
The crisis has brought both new threats and an influx of actors "Of varying skill," Cisco said.
The cyber warzone has entailed the Conti ransomware gang's secrets getting spilled by a pro-Ukrainian member, furious phishing campaigns launched against Ukraine and those aiding Ukrainian refugees, the novel FoxBlade trojan, DDoS attacks against Ukraine's military and economy, campaigns using multiple destructive wipers, hackers affiliating themselves with the Autonomous brand hijacking Russian cameras, and more.
There is a group called disBalancer that distributes a "Legitimate" DDoS attack tool called, ironically enough, Liberator, Cisco found - a tool for waging cyberwar against "Russian propaganda websites."
The infostealer is hoovering up a broad array of information, Cisco said.
The infostealer masquerading as a DDoS tool to attack Russian targets is just one example of the many ways cybercriminals are milking the invasion, exploiting sympathizers on both sides.
News URL
https://threatpost.com/malware-posing-russia-ddos-tool-bites-pro-ukraine-hackers/178864/
Related news
- UK councils bat away DDoS barrage from pro-Russia keyboard warriors (source)
- Officials warn of Russia's tech-for-troops deal with North Korea amid Ukraine conflict (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- Unpatched Mazda Connect bugs let hackers install persistent malware (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Chinese hackers target Linux with new WolfsBane malware (source)