Published: Sat, December 24, 2016
Hi-Tech | By Merle Christensen

DNC breach further linked to Russian Federation through Ukrainian artillery hack

This connection increases the likelihood that the hackers - dubbed Fancy Bear by cybersecurity firm CrowdStrike - are a unit working for Russia's military intelligence agency, the GRU.

As the conflict in eastern Ukraine evolved towards a military engagement, Fancy Bear operators at some point took a copy of this app, injected it with their malware, and spread it online by posting links to the infected version on various Ukrainian military forums.

That is the claim of CrowdStrike co-founder Dmitri Alperovitch, who has linked the malware found on the Android smartphones of Ukrainian military personnel with the same "Fancy Bear" group of hackers that, he claims, were behind attacks on the US Democratic National Committee.

Sherstuk's app has never been distributed through Google Play, meaning its users likely installed it manually after obtaining it from various sources.

"Also known as Sofacy, X-Agent has been tracked by the security community for nearly a decade, CrowdStrike associates the use of X-Agent with an actor we call Fancy Bear", he added. There is no evidence the application was made available in the Android app store, limiting its distribution, the firm said.

A tool such as this has the potential ability to map out a unit's composition and hierarchy, determine their plans, and even triangulate their approximate location. "This type of strategic analysis can enable the identification of zones in which troops are operating and help prioritize assets within those zones for future targeting".

CrowdStrike, which the DNC hired to investigate and remediate the breach, found a variant of the "X-Agent" malware infecting targeted software used by Ukrainian weapon systems in that nation's conflict against Russian separatists. "The source code to this malware has not been observed in the public domain and appears to have been developed uniquely by Fancy Bear", CrowdStrike said.

This further confirms reports from United States intelligence agencies on Russia's involvement with the US presidential election, experts say. On his Facebook page, he commented about the CrowdStrike report, saying it was "delusional and written for amateurs..." While it was initially discovered in a battlefield environment, an adversary could also leverage it in attacks against non-military targets. With mobile devices used in civilian and military organizations, this technique could very possibly be deployed in political, government, and other sectors in the near future. Most conspicuous is that Ukraine lost 80% of its arsenal of D-30 Howitzer guns.
