Malware disguised as security tool targets Ukraine’s IT Army (bleepingcomputer.com)
Last month, Ukraine announced a new IT army consisting of individuals worldwide working together to conduct cyberattacks and DDoS attacks on Russian entities. However, a range of threat actors are taking advantage of this by posting fake DDoS tools on Telegram that install an information-stealing Trojan. Although the legitimate version of the tool is “clean” and illegal to use, it is not possible to check for the malware payload prior to running the tool, since neither the legitimate nor the fake tool is digitally signed. Running the malicious tool executes an information-stealing payload that steals website data as well as local file information and system information. Although this malware existed prior to this incident, it has seen a rise as a result of the current world situation.
Kenneth Saltisky