The cyber realm has long been an additional arena when it comes to war. As the conflict in Ukraine continues, military personnel are now facing new threats beyond the battlefield—cyberattacks. Recently, Ukrainian agencies have uncovered two significant cyberattacks aimed at the devices of Ukrainian military forces.
The attackers sent Ukrainian soldiers malicious messages over the Signal messaging app. These messages contained links disguised as mobile applications, one posing as an app named Griselda and one as the Ukrainian military system “Eyes.” Griselda is an AI-driven system designed for the automated processing and transmission of information, while “Eyes” is a tracking system used for military operations. However, the apps linked in these messages were not genuine. Instead, they were malicious, designed to steal authentication data and access sensitive military systems, according to Cybernews. The Computer Emergency Response Team of Ukraine (CERT-UA), along with the Ministry of Defense and the Armed Forces of Ukraine (MILCERT), identified these attacks as attempts to extract crucial information, including GPS coordinates, from the targeted devices.
One attack involved a fake Griselda website that prompted users to download a mobile version of the Griselda app. No such mobile app actually exists; the download instead installed malware called Hydra on the devices. Hydra is known for its data-stealing capabilities, which could compromise sensitive information.
In another attack, hackers exploited the “Eyes” system. They tricked military personnel into downloading a file that seemed legitimate but was actually embedded with malicious third-party code. This code was designed to harvest the device’s GPS coordinates, posing a significant risk to the soldiers’ safety.
Fortunately, the cyber threat was contained before it could fully compromise the security of Ukrainian military personnel. Nonetheless, these incidents highlight the evolving nature of threats faced by soldiers, where digital security is as critical as physical protection. The attempted exfiltration of sensitive data underscores the need for vigilance and robust cybersecurity measures to protect military operations and personnel.