The UK, along with international allies including the United States, Australia, Canada, and New Zealand, has issued a new report supporting Ukraine’s claim that Russian cyber actors have been conducting a malware campaign against the Ukrainian military.
The analysis was published by the National Cyber Security Centre (NCSC) and its international counterparts.
The malware, named “Infamous Chisel,” targets Android devices used by Ukrainian military personnel and enables unauthorised access to compromised devices. According to the report, the malware is designed to “scan files, monitor traffic and periodically steal sensitive information.”
The Security Service of Ukraine (SBU) had initially exposed the malware earlier this month, attributing it to the threat actor known as Sandworm. The NCSC has previously linked Sandworm to Russia’s GRU military intelligence agency.
Deputy Prime Minister Oliver Dowden stated, “As Russia fails on the battlefield, it continues its malicious activity online, making Ukraine one of the most cyber-attacked nations in the world.” He added that through the expertise of NCSC, “the UK is challenging Russia’s cowardly cyber actors and defending Ukraine.”
Paul Chichester, NCSC Director of Operations, noted, “The exposure of this malicious campaign against Ukrainian military targets illustrates how Russia’s illegal war in Ukraine continues to play out in cyberspace.”
This joint report, which is part of an ongoing commitment to support Ukraine against Russian aggression, was issued by agencies including the US National Security Agency (NSA), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), New Zealand’s NCSC, Canada’s Centre for Cyber Security, and Australia’s Signals Directorate.
You can read more by clicking here.