The group that hacked the DNC infiltrated Ukrainian artillery units
Category: news    |    Added: 2016-12-23 05:55:09    |    View: 103

The group distributed a trojanized version of an Android app used by Ukrainian artillery personnel

Fancy Bear trojan found in Ukrainian military app
Credit: Gerd Altmann / Pixabay

The cyberespionage group blamed for hacking into the U.S. Democratic National Committee (DNC) earlier this year has also infiltrated the Ukrainian military through a trojanized Android application used by its artillery units.

The group, which is known in the security industry under different names, including Fancy Bear, Pawn Storm, and APT28, has been operating for almost a decade. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent that has variants for Windows, Android, and iOS.

Fancy Bear has been responsible for many cyberespionage operations around the world over the years, and its selection of targets has frequently reflected Russia's geopolitical interests. Researchers from security firm CrowdStrike believe the group is likely tied to the Russian Military Intelligence Service (GRU).

The company found an Android application package earlier this year that had been trojanized with the Android version of X-Agent. It is a maliciously modified version of an app developed by Yaroslav Sherstuk, an officer in Ukraine's 55th Artillery Brigade, to help artillery forces more quickly process targeting data for the Soviet-made D-30 howitzer.

Sherstuk previously estimated in media interviews that up to 9,000 Ukrainian artillery personnel have used his application and that it helped reduce the D-30 targeting time from minutes to under 15 seconds, according to CrowdStrike. 

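Sherstuk's app has never been distributed through Google Play, meaning its users likely installed it manually (sideloaded it) after obtaining it from various sources. Apps installed this way do not pass through the store's review, and a user has no easy way to check that a copy is the author's original build. With users already in the habit of installing apps from alternative sources, Fancy Bear probably didn't have much trouble distributing a trojanized version of the app.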

"Successful deployment of the FANCY BEAR malware within this application may have facilitated reconnaissance against Ukrainian troops," the CrowdStrike researchers said Thursday in a blog post. "The ability of this malware to retrieve communications and gross locational data from an infected device makes it an attractive way to identify the general location of Ukrainian artillery forces and engage them."

source: Pcworld