Security News > 2022 > July > Russian hackers use fake DDoS app to infect pro-Ukrainian activists
Google's Threat Analysis Group, whose primary goal is to defend Google users from state-sponsored attacks, said today that Russian-backed threat groups are still focusing their attacks on Ukrainian organizations.
In a report regarding recent cyber activity in Eastern Europe, Google TAG security engineer Billy Leonard revealed that hackers part of the Turla Russian APT group have also been spotted deploying their first Android malware.
Google TAG's analysts believe Turla's operators used the StopWar Android app developed by pro-Ukrainian developers when creating their own fake 'Cyber Azov' DDoS application.
"Join the Cyber Azov and help stop russian aggression against Ukraine! We are a community of free people around the world who are fighting against russia's aggression," the attackers prodded potential targets on the app's download page.
"The app is distributed under the guise of performing Denial of Service attacks against a set of Russian websites. However, the 'DoS' consists only of a single GET request to the target website, not enough to be effective."
Google TAG also said in May that it observed the Turla hackers pushing credential phishing emails in attacks against Ukrainian defense and cybersecurity organizations.
News URL
Related news
- Pro-Ukrainian Hackers Strike Russian State TV on Putin's Birthday (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- 100+ domains seized to stymie Russian Star Blizzard hackers (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant (source)
- Russian Espionage Group Targets Ukrainian Military with Malware via Telegram (source)
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)