Russia’s military intelligence unit has been targeting Ukrainian Android devices with “Infamous Chisel,” the tracking name for new malware that’s designed to backdoor devices and steal critical information, Western intelligence agencies said on Thursday.
“Infamous Chisel is a collection of components which enable persistent access to an infected Android device over the Tor network, and which periodically collates and exfiltrates victim information from compromised devices,” intelligence officials from the UK, US, Canada, Australia, and New Zealand wrote. “The information exfiltrated is a combination of system device information, commercial application information and applications specific to the Ukrainian military.”
A “serious threat”
Ukraine’s security service first called out the malware earlier this month. Ukrainian officials said then that Ukrainian personnel had “prevented Russia’s intelligence services from gaining access to sensitive information, including the activity of the Armed Forces, deployment of the Defense Forces, their technical provision, etc.”