Ukraine’s “IT Army” hit with info-stealing malware

The group has been spoofed by cybercriminals mere weeks after its formation

Security researchers have warned pro-Ukrainian actors of employing DDoS tools to attack Russia, as they may be ridden with info-stealing malware.

In late February, Ukrainian vice prime minister, Mykhailo Fedorov, called for a volunteer “IT army” of hackers to DDoS Russian targets.

Cisco Talos has claimed that many cybercriminals are attempting to exploit the outpouring of support for Ukraine, amidst the Russian invasion of the country.

The organization detected several posts on Telegram offering DDoS tools loaded with malware.

Specifically, it detected posts on Telegram offering DDoS tools which were actually loaded with malware.

One such tool, dubbed “Liberator,” is offered by a group calling itself “disBalancer.” The original tool is legitimate but is being spoofed by threat actors.

“The file offered on the Telegram page ended up being malware, specifically an info stealer designed to compromise unwitting users,” it explained. Read more:

Leave a Reply

Your email address will not be published. Required fields are marked *