Published: Sat, December 24, 2016
Hi-Tech | By Merle Christensen

DNC breach further linked to Russian Federation through Ukrainian artillery hack

This connection increases the likelihood that the hackers - dubbed Fancy Bear by cybersecurity firm CrowdStrike - are a unit working for Russia's military intelligence agency, the GRU.

As the conflict in eastern Ukraine evolved towards a military engagement, somewhere along the way, Fancy Bear's operators took a copy of this app, injected it with their malware, and spread it online by posting links to the infected version on various Ukrainian military forums.

That is the claim of CrowdStrike co-founder Dmitri Alperovitch, who has linked the malware found on the Android smartphones of Ukrainian military personnel with the same "Fancy Bear" group of hackers that, he claims, were behind attacks on the US Democratic National Committee.

Sherstuk's app has never been distributed through Google Play, meaning its users likely installed it manually after obtaining it from various sources.

"Also known as Sofacy, X-Agent has been tracked by the security community for nearly a decade. CrowdStrike associates the use of X-Agent with an actor we call Fancy Bear", he added. There is no evidence the application was made available in the Android app store, limiting its distribution, the firm said.

A tool such as this has the potential ability to map out a unit's composition and hierarchy, determine their plans, and even triangulate their approximate location. "This type of strategic analysis can enable the identification of zones in which troops are operating and help prioritize assets within those zones for future targeting".

CrowdStrike, which the DNC hired to investigate and remediate the breach, found a variant of the "X-Agent" malware infecting targeted software used by Ukrainian weapon systems in that nation's conflict against Russian separatists. "The source code to this malware has not been observed in the public domain and appears to have been developed uniquely by Fancy Bear", CrowdStrike said.

This further confirms reports from United States intelligence agencies on Russia's involvement with the US presidential election, experts say. On his Facebook page, he commented about the CrowdStrike report, saying it was "delusional and written for amateurs..." While it was initially discovered in a battlefield environment, an adversary could also leverage it in attacks against non-military targets. With mobile devices used in civilian and military organizations, this technique could very possibly be deployed in political, government, and other sectors in the near future. Most conspicuous is that Ukraine lost 80% of its arsenal of D-30 Howitzer guns.
