A Russian hacking group known as Fancy Bear has likely used a malware implant on Android devices to track and target Ukrainian artillery units, a new report says.
The malware was able to retrieve communications and some locational data from infected devices from late 2014 through 2016, the Virginia-based cybersecurity firm CrowdStrike said in the report released on December 22.
It said the intelligence would have likely been used to strike against the artillery in support of Russia-backed separatists in eastern Ukraine.
The malware used to track Ukrainian artillery units was a variant of the kind used to hack into the U.S. Democratic National Committee (DNC) during the presidential election this year, said CrowdStrike cofounder Dmitri Alperovitch.
CrowdStrike was hired to investigate the DNC hack, which it has attributed to Fancy Bear.
The firm has also found evidence that the hacking group was tied to the Russian state, which Moscow has denied.