It seems Russia has found a new use for Android malware.
A hacking group linked to the Russian government and high-profile cyber attacks against Democrats during the U.S. presidential election likely used a malware implant on Android devices to track and target Ukrainian artillery units from late 2014 through 2016, according to a new report released Thursday.
The malware was able to retrieve communications and some locational data from infected devices, intelligence that would have likely been used to strike against the artillery in support of pro-Russian separatists fighting in eastern Ukraine, the report from cyber security firm CrowdStrike found.
. . .
The hacking group, known commonly as Fancy Bear or APT 28, is believed by U.S. intelligence officials to work primarily on behalf of the GRU, Russia's military intelligence agency.
. . .
The implant leveraged a legitimate Android application developed by a Ukrainian artillery officer to process targeting data more quickly, CrowdStrike said.
Its deployment "extends Russian cyber capabilities to the front lines of the battlefield", the report said, and "could have facilitated anticipatory awareness of Ukrainian artillery force troop movement, thus providing Russian forces with useful strategic planning information".
There's more at the link.
It's interesting that the hackers targeted a Ukrainian military app, and were able to infect its download source. The US military uses many specially developed apps, so I'm sure it's taking precautions against them being hacked in the same way. This report will probably spur renewed efforts in that direction . . . and efforts to hack apps in the hands of potential and actual enemies as well.