Security News > 2022 > July > Russian Hackers Tricked Ukrainians with Fake "DoS Android Apps to Target Russia"
Russian threat actors capitalized on the ongoing conflict against Ukraine to distribute Android malware camouflaged as an app for pro-Ukrainian hacktivists to launch distributed denial-of-service attacks against Russian sites.
"The apps were not distributed through the Google Play Store, but hosted on a domain controlled by the actor and disseminated via links on third party messaging services."
It's worth noting that the onslaught of cyberattacks in the immediate aftermath of Russia's unprovoked invasion of Ukraine prompted the latter to form an IT Army to stage counter-DDoS attacks against Russian websites.
Google TAG said the actors drew inspiration from another Android app distributed through a website named "Stopwar[.]pro" that's also designed to conduct DoS attacks by continually sending requests to the target websites.
These involve sending emails either directly, including the phishing domain or containing links to documents hosted on Google Drive and Microsoft OneDrive that, in turn, feature links to an attacker-controlled website designed to steal passwords.
The latest developments are yet another indication of how Russian threat actors are exhibiting continued signs of increasing sophistication in their attempts to target in ways that highlight their evolving techniques.
News URL
https://thehackernews.com/2022/07/russian-hackers-tricked-ukrainians-with.html
Related news
- Russian ISP confirms Ukrainian hackers "destroyed" its network (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities (source)