Google researchers said they uncovered a Kremlin-backed operation targeting recruits for the Ukrainian military with information-stealing malware for Windows and Android devices.
The malware, spread primarily through posts on Telegram, came from a persona on that platform known as “Civil Defense.” Posts on the ​​@civildefense_com_ua telegram channel and the accompanying civildefense[.]com.ua website claimed to provide potential conscripts with free software for finding user-sourced locations of Ukrainian military recruiters. In fact, the software, available for both Windows and Android, installed infostealers. Google tracks the Kremlin-aligned threat group as UNC5812.
Dual espionage and influence campaign
“The ultimate aim of the campaign is to have victims navigate to the UNC5812-controlled ‘Civil Defense’ website, which advertises several different software programs for different operating systems,” Google researchers wrote. “When installed, these programs result in the download of various commodity malware families.”
Â
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.