Security News > 2022 > July > Google catches Turla hackers deploying Android malware in Ukraine
Google's Threat Analysis Group, whose primary goal is to defend Google users from state-sponsored attacks, said today that Russian-backed threat groups are still focusing their attacks on Ukrainian organizations.
In a report regarding recent cyber activity in Eastern Europe, Google TAG security engineer Billy Leonard revealed that hackers part of the Turla Russian APT group have also been spotted deploying their first Android malware.
They've also hijacked the infrastructure and malware of Iranian APT OilRig and used them in their own campaigns to mislead and trick defenders into attributing their attacks to Iranian state hackers.
Google TAG also said in May that it observed the Turla hackers pushing credential phishing emails in attacks against Ukrainian defense and cybersecurity organizations.
Google sent 50,000 warnings of state-sponsored attacks in 2021.
Roaming Mantis hits Android and iOS users in malware, phishing attacks.
News URL
Related news
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- Hackers use Google Search ads to steal Google Ads accounts (source)
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)