The group that hacked the DNC infiltrated Ukrainian artillery units

The group distributed a trojanized version of an Android app used by Ukrainian artillery personnel

Fancy Bear trojan found in Ukrainian military app
Credit: Gerd Altmann / Pixabay

The cyberespionage group blamed for hacking into the U.S. Democratic National Committee (DNC) earlier this year has also infiltrated the Ukrainian military through a trojanized Android application used by its artillery units.

The group, which is known in the security industry under different names, including Fancy Bear, Pawn Storm, and APT28, has been operating for almost a decade. The group is believed to be the sole user, and likely the developer, of a Trojan program called Sofacy or X-Agent that has variants for Windows, Android, and iOS.

Fancy Bear has been responsible for many cyberespionage operations around the world over the years, and its selection of targets has frequently reflected Russia's geopolitical interests. Researchers from security firm CrowdStrike believe the group is likely tied to the Russian Military Intelligence Service (GRU).

The company found an Android application package earlier this year that had been trojanized with the Android version of X-Agent. It is a maliciously modified version of an app developed by Yaroslav Sherstuk, an officer in Ukraine's 55th Artillery Brigade, to help artillery forces more quickly process targeting data for the Soviet-made D-30 howitzer.

Sherstuk previously estimated in media interviews that up to 9,000 Ukrainian artillery personnel have used his application and that it helped reduce the D-30 targeting time from minutes to under 15 seconds, according to CrowdStrike. 

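Sherstuk's app has never been distributed through Google Play, meaning its users likely installed it manually (sideloaded it) after obtaining it from various sources. An app obtained this way does not pass through the store's review, and a user typically has no easy way to tell a modified copy from the original. And with users in the habit of installing apps from alternative sources, Fancy Bear probably didn't have much trouble distributing a trojanized version of the app.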

"Successful deployment of the FANCY BEAR malware within this application may have facilitated reconnaissance against Ukrainian troops," the CrowdStrike researchers said Thursday in a blog post. "The ability of this malware to retrieve communications and gross locational data from an infected device makes it an attractive way to identify the general location of Ukrainian artillery forces and engage them."

source: Pcworld
