OS Demote Vulnerability Discovered in Microsoft Windows Kernel
November 12, 2024
Meta Introduces Facial Recognition to Safeguard Users and Combat Fake Celebrity Scams
November 13, 2024
A Russian espionage group, UNC5812, is using malware disguised as a Telegram account to infiltrate the Ukrainian military. This operation, closely monitored by Google’s Threat Analysis Group (TAG) and Mandiant, shows the risks of cyber threats in modern warfare.
The “Civil Defense” Telegram Channel
The Telegram channel, , launched on September 10, 2024, has already gained 184 subscribers. UNC5812 also has a websitE , registered in April 2024. Posing as “Civil Defense,” the group offers software that claims to help conscripts find information on Ukrainian military recruiters.
Malware Targets Both Android and Windows Devices
These applications carry hidden risks for users. On Android devices without Google Play Protect, the malware installs a mapping app called SUNSPINNER that lets the attackers track devices and gain control.
Influence Campaigns to Lower Military Support
UNC5812 isn’t just spreading malware; it’s also pushing content to reduce support for Ukraine’s military recruitment. Google’s Threat Intelligence Group describes this campaign as part of Russia’s effort to influence public opinion through cyber channels like Telegram.
Staying Aware of Cyber Threats
This situation shows how Russian espionage groups continue to use malware and influence campaigns to target Ukraine’s military and sway public opinion. As the conflict continues, military personnel and the public must stay alert to these ongoing cyber threats.
