Google Discovers Ukrainian Turla Hackers Using Android Malware

Google’s Threat Analysis Group (TAG), whose main objective is to protect Google users from state-sponsored assaults, said today that threat groups supported by Russia are still primarily targeting Ukrainian companies with their attacks.

Google TAG security engineer Billy Leonard claimed that hackers associated with the Turla Russian APT gang had also been seen distributing their first Android malware in a report on recent cyber activities in Eastern Europe.

This is the first reported case of malware connected to Android being distributed through Turla. According to Leonard, the applications were not released through the Google Play Store instead they were housed on a domain owned by the actor and shared via links on outside chat platforms.
The software is promoted under the pretense of launching DoS assaults against several Russian websites. However, the ‘DoS’ is ineffective since it just makes one GET request to the target website.
Analysts at Google TAG think that while developing their own fictitious “Cyber Azov” DDoS application, Turla’s operators utilized the StopWar Android app created by pro-Ukrainian developers (hosted at stopwar[.]pro).




Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

function init() { var vidDefer = document.getElementsByTagName('iframe'); for (var i=0; i