- IT 리더가 지목한 AI 가치 실현의 최대 걸림돌은 ‘비용 관리’
- Los CIO consideran que la gestión de costes puede acabar con el valor de la IA
- 칼럼 | AI 에이전트, 지금까지의 어떤 기술과도 다르다
- The $23 Echo Dot deal is a great deal to upgrade your smart home this Black Friday
- Amazon's Echo Spot smart alarm clock is almost half off this Black Friday
GRU Blamed for Infamous Chisel Malware Targeting Ukraine’s Military
The UK and its Five Eyes partners (Australia, Canada, New Zealand and the US) officially support Ukraine’s attribution of Infamous Chisel, a new piece of malware infecting Ukraine’s military personnel’s mobile phones, to the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).
In a joint report published on August 31, 2023, the UK’s National Cyber Security Centre (NCSC) and six partner agencies analyzed Infamous Chisel.
The malware enables unauthorized access to compromised Android devices used by the Ukrainian military over the Tor network. It is designed to scan files, monitor traffic and periodically steal sensitive information.
The information exfiltrated is a combination of system device information, commercial application information and applications specific to the Ukrainian military.
It also provides remote access by configuring and executing Tor with a hidden service that forwards to a modified Dropbear binary providing an SSH connection.
War in Ukraine Plays Out in Cyberspace
In the report, the seven agencies added that they “are aware that the actor known as Sandworm has used a new mobile malware in a campaign targeting Android devices used by the Ukrainian military.”
This correlates to the Security Service of Ukraine’s (SBU) attribution earlier in August when it first unveiled the campaign using Infamous Chisel.
Cybersecurity agencies in all Five Eyes countries have previously linked Sandworm to the Russian GRU’s Main Centre for Special Technologies (GTsST).
Paul Chichester, NCSC director of operations, said in a statement that this new malicious campaign “illustrates how Russia’s illegal war in Ukraine continues to play out in cyberspace.”
In June, the UK Prime Minister announced that the UK-funded Ukraine Cyber Programme would be boosted by an additional injection of up to £25 million and a two-year expansion to help Ukraine protect its critical national infrastructure and vital public services online.