The group that hacked the DNC infiltrated Ukrainian artillery units

The group distributed a trojanized version of an Android app used by Ukrainian artillery personnel

Fancy Bear trojan found in Ukrainian military app
Credit: Gerd Altmann / Pixabay

The cyberespionage group blamed for hacking into the U.S. Democratic National Committee (DNC) earlier this year has also infiltrated the Ukrainian military through a trojanized Android application used by its artillery units.

The group, which is known in the security industry under different names, including Fancy Bear, Pawn Storm, and APT28, has been operating for almost a decade. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent that has variants for Windows, Android, and iOS.

Fancy Bear has been responsible for many cyberespionage operations around the world over the years, and its selection of targets has frequently reflected Russia's geopolitical interests. Researchers from security firm CrowdStrike believe the group is likely tied to the Russian Military Intelligence Service (GRU).

The company found an Android application package earlier this year that had been trojanized with the Android version of X-Agent. It is a maliciously modified version of an app developed by Yaroslav Sherstuk, an officer in Ukraine's 55th Artillery Brigade, to help artillery forces more quickly process targeting data for the Soviet-made D-30 howitzer.

Sherstuk previously estimated in media interviews that up to 9,000 Ukrainian artillery personnel have used his application and that it helped reduce the D-30 targeting time from minutes to under 15 seconds, according to CrowdStrike. 

Sherstuk's app has never been distributed through Google Play, meaning its users likely installed it manually after obtaining it from various sources. And with users in the habit of installing apps from alternative sources, where no store review or trusted download location vouches that a package is the developer's original build, Fancy Bear probably didn't have much trouble distributing a trojanized version of the app.

"Successful deployment of the FANCY BEAR malware within this application may have facilitated reconnaissance against Ukrainian troops," the CrowdStrike researchers said Thursday in a blog post. "The ability of this malware to retrieve communications and gross locational data from an infected device makes it an attractive way to identify the general location of Ukrainian artillery forces and engage them."

source: Pcworld