
Russian hackers tracked Ukrainian artillery units using Android implant (2016) - vinnyglennon
https://www.reuters.com/article/us-cyber-ukraine/russian-hackers-tracked-ukrainian-artillery-units-using-android-implant-report-idUSKBN14B0CU
======
yonaguska
Why is this being posted now? This is not only from 4 years ago- but the
claims Crowdstrike made were disputed by Ukrainian military authorities and
Crowdstrike themselves even revised their original findings. They apparently
misinterpreted the IISS data and vastly overestimated artillery losses. In
addition, the application used for artillery targeting at the time didn't have
access to any network or gps data.

Jeffrey Carr, a cybersecurity researcher, points out his own concerns about the
Crowdstrike allegations here:

[https://www.linkedin.com/pulse/crowdstrike-needs-address-har...](https://www.linkedin.com/pulse/crowdstrike-needs-address-harm-causedukraine-jeffrey-carr)

~~~
codezero
I have no stake in this, but here are my points of opposition to that linkedin
article:

1. don't need GPS permissions for location data (IP address is still valuable
intelligence especially if I'm spear phishing my target(s))

2. the claim that the app is outdated and doesn't use the internet misses the
point (I would add emphasis if I could)

re 2: what crowdstrike describes is an effort to get people to download a fake
version of the same app, which has added features/tracking.

note the disparity in quotes:

Linked Quote (link is broken, but from Crowdstrike CEO): Russian hackers …
tricked Ukrainian servicemen into downloading a contaminated version of the
software - [https://www.telegraph.co.uk/news/2016/12/22/russia-linked-dn...](https://www.telegraph.co.uk/news/2016/12/22/russia-linked-dnc-hackers-targeted-ukrainian-army/)

Poster: Crowdstrike claimed that the GRU identified a targeting app, wrote
malware for it, and used the compromised apps to geolocate and bomb their
artillery.

See - this is not what's being said, we're mincing words. The attack, as I
understand it, is they found an app they knew their target used. Made a fake
version, and spear phished people (let's say, all new recruits) into
downloading their malware version. What happens after that is wide open. GPS,
location, network connection, anything, we can't say (probably Crowdstrike
can) so the Ukrainian soldier who made the app saying his version wasn't
compromised is totally beside the point.

------
ianhawes
This blogspam and the accompanying CrowdStrike report[0] are from late 2016.

> The implant leveraged a legitimate Android application developed by a
> Ukrainian artillery officer to process targeting data more quickly,
> CrowdStrike said.

Ouch.

[0] [https://www.crowdstrike.com/blog/danger-close-fancy-bear-tra...](https://www.crowdstrike.com/blog/danger-close-fancy-bear-tracking-ukrainian-field-artillery-units/)

~~~
Mikhail_K
This has been debunked

[https://medium.com/@stranahan/timeline-of-crowdstrikes-russi...](https://medium.com/@stranahan/timeline-of-crowdstrikes-russia-hacks-ukrainian-military-debacle-comey-s-cleanup-7871c1710961)

~~~
codezero
I'm open minded, but are there any sources from within the security industry
that have debunked this? Like one of Crowdstrike's peers or a similar
organization?

~~~
Mikhail_K
See the article and links therein

------
wlll
I can't see myself ever owning an Android phone, I simply don't trust them to
be secure enough for a device that controls, or can monitor, pretty much my
entire life.

~~~
blaser-waffle
I can't understand why ANY cell phones would be allowed in a military Area of
Operations. Even a 1998 flip phone will dial home and give off all sorts of
signals. And you can absolutely download and allow similar apps with an
iPhone.

~~~
wlll
> I can't understand why ANY cell phones would be allowed in a military Area
> of Operations.

Yup.

> And you can absolutely download and allow similar apps with an iPhone.

The article referenced malware, is there malware that can run on an up-to-date
iPhone?

~~~
NikolaeVarius
[https://www.nytimes.com/2020/01/22/technology/jeff-bezos-hac...](https://www.nytimes.com/2020/01/22/technology/jeff-bezos-hack-iphone.html)

------
jpb4k
It seems mind blowing to me that military would use off the shelf Android
hardware! We have come so far from military being at the forefront of tech.

