You are currently viewing Russia hid malware in pro-Ukraine app

Russia hid malware in pro-Ukraine app

Russian hackers have developed a fake pro-Ukraine app to trick internet users. The application indeed hides a malware.

IT security researchers Threat Analysis Group (TAG), Google’s threat analysis group, discovered malware in a Ukraine-friendly Android app. According to the researchers, Tula, a group of hackers commissioned by Russia, developed a fake application dubbed Cyber ​​Azov to trap the Ukrainian pirates.


Hackers behind the attack claim the Android app was developed by the Ukrainian Azov regiment. Through this application, Internet users are invited to participate in DDOS attacks against Russian institutions. The pirates also use the regiment’s logo, which openly refers to Nazi ideology.

Related: US Admits to Cyber ​​Attacks Against Russia in Support of Ukraine

A failure for Russia

Many applications available on the web, such as StopWar, allow you to participate in the efforts of the army of pirates in Ukraine. By installing these applications, an Internet user can send thousands of requests to Russian infrastructures. Sites, developed by Ukraine, also facilitate participation in raids against Vladimir Putin’s regime.

But rather than facilitating participation in DDOS attacks, the Russian-developed app installs malware on the smartphone the victims. The Kremlin hijackers managed to trap Ukraine sympathizers by imitating their methods.

To spread the application, Russian hackers rely on APK files available on fake sites. These sites are promoted through instant messaging apps, like Telegram or WhatsApp. Fortunately, the virus did not manage to penetrate the Play Store. De facto, the damage of the malware is limited.

We believe there was no major impact on Android users and the number of installs was miniscule “, reassures Google in its blog post.

Through the app and bogus sites, Russian hackers have also claimed bitcoin donations. Again, the attackers drew a blank. The blockchain address provided has not received any cryptocurrency credit. For the record, cryptocurrencies allowed Ukraine to collect more than 100 million euros in the first weeks of the war. Many investors have turned to digital currencies to support the country. With the funds received, Ukraine has notably invested in military equipment.

This attack is part of the cyber war between Russia and Ukraine and its supporters. According to Microsoft, Moscow is said to have launched 237 cyberattacks against Ukraine since the entry of the Russian army into the country. To retaliate, the Ukrainian authorities have set up an army of pirates, IT Army of Ukraine.

Source :