Security News > 2022 > July > Russian Hackers Tricked Ukrainians with Fake "DoS Android Apps to Target Russia"

Russian threat actors capitalized on the ongoing conflict against Ukraine to distribute Android malware camouflaged as an app for pro-Ukrainian hacktivists to launch distributed denial-of-service attacks against Russian sites.
"The apps were not distributed through the Google Play Store, but hosted on a domain controlled by the actor and disseminated via links on third party messaging services."
It's worth noting that the onslaught of cyberattacks in the immediate aftermath of Russia's unprovoked invasion of Ukraine prompted the latter to form an IT Army to stage counter-DDoS attacks against Russian websites.
Google TAG said the actors drew inspiration from another Android app distributed through a website named "Stopwar[.]pro" that's also designed to conduct DoS attacks by continually sending requests to the target websites.
These involve sending emails either directly, including the phishing domain or containing links to documents hosted on Google Drive and Microsoft OneDrive that, in turn, feature links to an attacker-controlled website designed to steal passwords.
The latest developments are yet another indication of how Russian threat actors are exhibiting continued signs of increasing sophistication in their attempts to target in ways that highlight their evolving techniques.
News URL
https://thehackernews.com/2022/07/russian-hackers-tricked-ukrainians-with.html
Related news
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices (source)
- Russian army targeted by new Android malware hidden in mapping app (source)
- Booby-trapped Alpine Quest Android app geolocates Russian soldiers (source)
- France ties Russian APT28 hackers to 12 cyberattacks on French orgs (source)