what is known

The new report was released by the National Cyber ​​Security Center (NCSC) with international partners on August 31. This refers to a malware campaign targeting Android mobile devices used by the Ukrainian military.

A virus named The infamous Chisel It was used by a Russian hacking group known as sandworm. NCSC previously linked Sandworm to the Russian Special Technologies Main Center (GSCST) within the Russian Main Intelligence Directorate (GRU). So we can say that this group works for the Russian government and carries out its orders.

Infamous Chisel provides permanent access to compromised Android devices as well as the ability to collect and extract data from these devices. The ministry doesn’t specify exactly what data was collected, but it’s likely related to geolocation, installed apps, listening to messages, and more. It is also possible for the virus to access files that allow the smartphone owner to retrieve photos, videos and audio recordings stored in the device’s memory. In general, the aim of criminals is to steal “sensitive military information”.

• This isn’t the first time Sandworm has attacked Ukraine. For example, in April 2022, they intervened in Ukraine’s energy system in order to cut off the electricity of the entire region. They tried to destroy computers and disable power equipment. Fortunately, they were not successful.
• The group also works abroad. So, in the same 2022, hackers attacked a Swiss laboratory investigating Novachok poison.