Ukraine’s “IT Army” Hit With Info-Stealing Malware Amidst Russian Invasion

Security researchers have warned pro-Ukrainian actors against using DDoS tools to attack Russia, as the tools may be riddled with information-stealing malware.

Ukraine's vice prime minister, Mykhailo Fedorov, called on a volunteer “IT Army” of hackers to DDoS a Russian target in late February.

Cisco Talos has claimed that many cybercriminals are attempting to abuse the outpouring of support for Ukraine amid the Russian invasion of the country.

The organization detected several posts on Telegram offering DDoS tools loaded with malware.
One such tool, named “Liberator,” is offered by a group called “disBalancer.” The original tool is legal but is being spoofed by cybercriminals.

“The file offered on the Telegram page ended up being malware, specifically an infostealer designed to compromise unwitting users,” it explained.
In this case, the malware dumps a variety of credentials and a massive amount of cryptocurrency-related information, including wallets and MetaMask information, commonly related to NFTs.

The vendor warned that there is no way to differentiate between legal and spoofed tools.

