Security News
Russian threat actors capitalized on the ongoing conflict against Ukraine to distribute Android malware camouflaged as an app for pro-Ukrainian hacktivists to launch distributed denial-of-service attacks against Russian sites. "The apps were not distributed through the Google Play Store, but hosted on a domain controlled by the actor and disseminated via links on third party messaging services."
The Russian hacking group Turla released an Android app that seems to aid Ukrainian hackers in their attacks against Russian networks. The hackers pretended to be a "community of free people around the world who are fighting russia's aggression", much like the IT Army.
A court in Moscow has imposed a fine of $358 million on Google LLC for failing to restrict access to information considered prohibited in the country. Last month, the organization fined Google LLC 68 million rubles, for the umpteenth time, for failure to remove prohibited information.
Singapore-based security vendor and services provider Group-IB has commenced a "regional diversification" program that will see it not just continue to operate in Russia, but do so with a dedicated entity. A new and independently managed entity will offer the company's services and wares in Russia.
Palo Alto Networks' Unit 42 threat intelligence team has claimed that a piece of malware that 56 antivirus products were unable to detect is evidence that state-backed attackers have found new ways to go about the evil business. Unit 42's analysts assert that the malware was spotted in May 2022 and contains a malicious payload that suggests it was created using a tool called Brute Ratel.
Roskomnadzor, Russia's telecommunications watchdog, has fined Google 68 million rubles for helping spread what it called "unreliable" information on the war in Ukraine and the failure to remove it from its platforms. The Russian telecommunications regulator said Google's YouTube online video sharing platform "purposefully contributes" to spreading inaccurate info on Russia's war in Ukraine, thus defaming Russia's army.
Microsoft said today that Russian intelligence agencies have stepped up cyberattacks against governments of countries that have allied themselves with Ukraine after Russia's invasion. Since the start of the war, threat actors linked to several Russian intelligence services have attempted to breach entities in dozens of countries worldwide, prioritizing governments, according to Microsoft Threat Intelligence Center analysts.
People in Russia can no longer download Windows 10 and Windows 11 ISOs and installation tools from Microsoft, with no reason for the block provided by the company. Using a VPN server located in Russia, BleepingComputer has confirmed that when attempting to download the Windows 10 Update Assistant, the Windows 10 Media Creation Tool, and the Windows 11 Installation Assistant, Russian users are shown a message stating, "404 - File or Directory not found."
Russia and China have each warned the United States that the offensive cyber-ops it ran to support Ukraine were acts of aggression that invite reprisal. The US has acknowledged it assisted Ukraine to shore up its cyber defences, conducted information operations, and took offensive actions during Russia's illegal invasion.
The Russian-based Evil Corp is jumping from one malware strain to another in hopes of evading sanctions placed on it by the US government in 2019. Evil Corp, which made its bones targeting the financial sector with the Dridex malware it developed, is now using off-the-shelf ransomware, most recently the LockBit ransomware-as-a-service, to cover its tracks and make it easier to get victims to pay the ransoms it demands, according to a report this week out of Mandiant.