Published: Sat, December 24, 2016
Technology | By Ramiro Moody

Fancy Bear: Russian hackers planted Android malware to track Ukrainian artillery units

Fancy Bear: Russian hackers planted Android malware to track Ukrainian artillery units

This actor to date is the exclusive operator of the malware, and has continuously developed the platform for ongoing operations which CrowdStrike assesses is likely tied to Russian Military Intelligence (GRU).

The app, developed in 2013 and distributed initially over social media, was ultimately hijacked by the Fancy Bear hacking group — believed to be affiliated with Russian military intelligence agency or the GRU.

A Russian hacking group known as Fancy Bear has likely used a malware implant on Android devices to track and target Ukrainian artillery units, a new report says. Ukrainian artillery forces lost more than 50% of their weapons in the two years of fighting, and more than 80% of their D-30 guns.

"This assessment is based on a number of factors, but chief among them is the likelihood that a military member would only trust and use an application created to calculate something as critical as targeting data if it was developed and promoted by a member of their own forces", says the report.

D-30 Howitzer gun battery
D-30 Howitzer gun battery

That's where Fancy Beat allegedly stepped in, infected the legit app, and collected communications, as well as tracked location of the Ukrainian artillery units as one more tool in the targeting arsenal of the separatist eastern regions. With the Android app, that time is reduced to 15 seconds.

The cited article goes into depth about how certain it is that a hacking group, referred to as FANCY BEAR, are almost certainly responsible for the attack. "This type of strategic analysis can enable the identification of zones in which troops are operating and help prioritize assets within those zones for future targeting".

A US-based cyber security firm claimed that it has found strong evidence of links between the Russian military intelligence and the group which hacked the online portal of the Democratic National Committee (DNC).

His company was also hired to investigate the DNC hack attack and over the summer publicly attributed it to Fancy Bear. The only difference is that it contained malware that allowed the hackers to gain access to the text messages, location, and Internet data of Ukrainian soldiers who had downloaded it. On his Facebook page, he commented about the Crowdstrike report, saying it was "delusional and written for amateurs..." With mobile devices used in civilian and military organizations, this technique could very possibly be deployed in political, government, and other sectors in the near future.

FOX's Jay Glazer has some profanity-laced thoughts on Joe Mixon
In 11 games for the Sooners this season, Mixon has rushed for a team-leading 1,183 yards and eight touchdowns. And, after that, like, my face was like boom! "And after that, like, it was just like a reaction".

Moving US embassy to Jerusalem will end peace process, Palestinians warn
Friedman, a NY lawyer, serves as president of the American Friends of Bet El Institutions. US President-elect Donald Trump with Israeli Prime Minister Benjamin Netanyahu.

Fred's Acquiring 865 Rite Aids; Swells to 3rd Largest US Drug Chain
Wall Street certainly saw it that way, sending shares of Rite Aid up almost 6 percent before the opening bell Tuesday. Fred's said BofA Merrill Lynch and Regions Bank will provide financing for store acquisitions.

Like this: