Threat Actors Mimics Ukraine’s IT Army To Spread Malware

Threat actors are taking advantage of people’s desire to join Ukraine’s IT army to infect them with malware.

The threat actors are doing this by promoting a fake DDoS tool on Telegram. The tool is said to have the capacity to install a password and information-stealing trojan.

According to Cisco Talos researchers, the fake DDoS tool mimics a DDoS tool called the “Liberator.” Liberator is a website bomber used against Russian propaganda outlets.

The versions of the tool downloaded from the real site are “clean” and are considered illegal to use. However, those circulated on Telegram channels are fake and hide malware payloads.

It is difficult to differentiate the original tool from the fake since the two tools are not signed digitally.

Researchers urged users not to join others in conducting cyberattacks. Apart from the fact that those engaging in such attacks could have issues with their country’s law enforcement agencies, they could also expose themselves to attacks.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web