The National Security Agency, the FBI and the Cybersecurity and Infrastructure Security Agency have released a joint report with international partners warning on a new Russian military malware campaign against Ukraine.
The report seeks to uncover and mitigate the new malware named Infamous Chisel from Russian cyber elements called Sandworm that targets U.S. government and defense networks, the NSA said.
The report, jointly issued by the U.S. agencies and their counterparts in the United Kingdom, Canada, New Zealand and Australia, provides an analysis of how Infamous Chisel works. The malware targets Android devices for remote access and information exfiltration, providing network backdoor access for monitoring network activity and transferring files.
According to CISA, Ukraine’s SBU security agency exposed the Russian Sandworm’s new malware in early August. The United States and Ukraine have previously linked the Russian GRU’s Main Centre for Special Technologies to Sandworm, it added.
“Russia continues to leverage the cyber domain to advance its war against Ukraine. Our analysis offers guidance to help find and eradicate this threat,” NSA Cybersecurity Director Rob Joyce said in a statement.
Joyce, a two-time Wash100 winner, assured that the collaboration against cyberthreats across U.S. government agencies and international allies will continue.