# Cloudilax

Ukraine’s “IT Army” Hit With Info-Stealing Malware Amidst Russian Invasion

Pro-Ukrainian actors have been warned by security researchers of employing DDoS tools that may be ridden with information-stealing malware to attack Russia

Ukrainian vice prime minister, Mykhailo Fedorov, called a volunteer “IT Army” of hackers to DDoS a Russian target in late February

Cisco Talos has claimed that a lot of cybercriminals are attempting to abuse the outpouring of support for Ukraine in the middle of the Russian invasion of the country.

malware IT army

The organization detected several posts on Telegram offering DDoS tools loaded with malware.
Specifically, it detected Telegram posts on offering DDoS tools loaded with malware.
One such tool, named “Liberator,” is offered by a group called “disBalancer.” The original tool is legal but is being spoofed by cybercriminals.

“The file offered on the Telegram page ended up being malware, specifically an infostealer designed to compromise unwitting users,” it explained.
In this case, the malware dumps a variety of credentials and a massive amount of cryptocurrency-related information that includes wallets and metamask information, commonly related to NFTs

The vendor warned that there is no way to differentiate between legal and spoof tools.

Related blogs