CISA report: Russian cyber actors using “Infamous Chisel” malware

Image via Pixabay

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Security Agency (NSA) and agencies in Australia, Canada, United Kingdom and New Zealand recently published a joint report on a malware campaign conducted by Russian cyber actors against the Ukrainian military.

The malware analysis report provides technical details of a new kind of malware used to target Android devices in use by Ukrainian military personnel. The malware, called Infamous Chisel, enables unauthorized access to compromised devices and is designed to scan files, monitor traffic and periodically steal sensitive information.

The campaign was publicly uncovered by Ukraine’s security agency, the SBU, earlier this month and has been attributed to the threat actor known as Sandworm. The United Kingdom and the United States have previously attributed Sandworm to the Russian GRU’s Main Centre for Special Technologies (GTsST).

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.