Google researchers have discovered a Kremlin-backed operation using malware to target potential recruits for the Ukrainian military. The malware, spread primarily via Telegram and a website known as Civil Defense, appears to offer free software for locating military recruiters but instead installs information-stealing software on Windows and Android devices. The operation uses a variant of CraxsRat for Android and a custom version of Pronsis Loader for Windows.
Warning issued over ‘fast flux’ techniques used to obscure malicious signals on compromised networks
Law enforcement agencies have warned that organizations face a common network vulnerability that allows hackers to dodge detection and distribute malicious software indiscriminately. Referred to
