Published: Sat, December 24, 2016
Technology | By Ramiro Moody

Fancy Bear: Russian hackers planted Android malware to track Ukrainian artillery units

This actor to date is the exclusive operator of the malware, and has continuously developed the platform for ongoing operations which CrowdStrike assesses is likely tied to Russian Military Intelligence (GRU).

The app, developed in 2013 and distributed initially over social media, was ultimately hijacked by the Fancy Bear hacking group, believed to be affiliated with the Russian military intelligence agency, or GRU.

A Russian hacking group known as Fancy Bear has likely used a malware implant on Android devices to track and target Ukrainian artillery units, a new report says. Ukrainian artillery forces lost more than 50% of their weapons in the two years of fighting, and more than 80% of their D-30 guns.

"This assessment is based on a number of factors, but chief among them is the likelihood that a military member would only trust and use an application created to calculate something as critical as targeting data if it was developed and promoted by a member of their own forces", says the report.

D-30 Howitzer gun battery

That's where Fancy Bear allegedly stepped in, infected the legit app, and collected communications, as well as tracked the location of the Ukrainian artillery units, as one more tool in the targeting arsenal of the separatist eastern regions. With the Android app, that time is reduced to 15 seconds.

The cited article goes into depth about how certain it is that a hacking group, referred to as FANCY BEAR, is almost certainly responsible for the attack. "This type of strategic analysis can enable the identification of zones in which troops are operating and help prioritize assets within those zones for future targeting".

A US-based cyber security firm claimed that it has found strong evidence of links between Russian military intelligence and the group which hacked the online portal of the Democratic National Committee (DNC).

His company was also hired to investigate the DNC hack attack and over the summer publicly attributed it to Fancy Bear. The only difference is that it contained malware that allowed the hackers to gain access to the text messages, location, and Internet data of Ukrainian soldiers who had downloaded it. On his Facebook page, he commented about the CrowdStrike report, saying it was "delusional and written for amateurs..." With mobile devices used in civilian and military organizations, this technique could very possibly be deployed in political, government, and other sectors in the near future.
