Title: Western Intelligence Agencies Expose Russia’s Military Hacking Campaign Against Ukraine
In a major report released by Britain’s National Cyber Security Centre (NCSC) and other agencies within the Five Eyes intelligence alliance, Western intelligence agencies have shed light on the hacking tools used by Russia’s military intelligence service, known as the GRU, in its ongoing campaign against Ukrainian military devices. The report highlighted the key role played by a malware dubbed “Infamous Chisel.”
Infamous Chisel allows the GRU to gain unauthorized access to compromised Android devices and to carry out activities such as scanning files, monitoring traffic, and stealing sensitive information. Ukraine’s security service, the SBU, first brought the GRU’s hacking campaign to the world’s attention this month when it declared it had foiled an attempt by state-controlled Russian hackers to access its battlefield management system.
Infamous Chisel lacks basic obfuscation or stealth techniques, which suggests a lack of concern for defense evasion or concealment, but it is still credited with two noteworthy features. The malware achieves persistence by replacing a legitimate system binary with a malicious one, allowing the attacker to maintain access. Additionally, it uses Tor and a modified SSH connection to provide remote access.
The hacking group, Sandworm, is believed to be behind the GRU’s campaign. Notorious for their previous attacks on Ukraine’s power grid in 2015 and the devastating NotPetya malware, Sandworm’s involvement raises concerns about its continued cyber warfare targeting Ukraine.
While some may underestimate Infamous Chisel’s effectiveness due to its lack of obfuscation, the NCSC warns against such complacency. The malware’s ability to collect sensitive information poses a serious threat, and its simplicity may actually aid its success, enabling it to bypass some defense mechanisms that may be on the lookout for more sophisticated attack techniques.
The report published by the NCSC and its Five Eyes partners sends a clear message that Western intelligence agencies remain vigilant in exposing the tactics and tools employed by hostile state actors. By shedding light on the GRU’s hacking campaign and naming Infamous Chisel, they aim to equip individuals and organizations with the knowledge to protect themselves from such cyber threats.
As tensions continue to simmer between Russia and Ukraine, the threat of cyber warfare remains a pressing concern. However, this comprehensive report serves as a reminder that collaborative efforts and timely disclosures can be key in mitigating the impact of such attacks and safeguarding crucial systems and sensitive information.