On August 31, 2023, the National Cyber Security Centre (NCSC), alongside international partners, published a report on a malware campaign targeting Android mobile devices used by the Ukrainian military, the UK Defense Intelligence reports.
The malware, referred to as Infamous Chisel, has been used by the russian cyber threat group known as Sandworm. NCSC has previously attributed Sandworm to the russian General Staff Main Intelligence Directorate’s (GRU) Main Centre for Special Technologies (GTsST).
Read more: Ukrainian Forces Push Deeper into Orikhiv Region as russian Forces Face Dilemma in Kupiansk Region
Infamous Chisel enables persistent access to, and the collation and exfiltration of data from, compromised Android devices. This includes targeting applications used by the Ukrainian military.
Infamous Chisel has highly likely been used with the aim of stealing sensitive military information. This activity demonstrates russia’s continued use of cyber capabilities to support the invasion of Ukraine.
Read more: Bolstering Security at the Kerch Strait: russia Strengths Defensive Measures for the Crimean Bridge and Military Logistics