Security researchers are urging pro-Ukrainian actors to be wary of downloading DDoS tools to attack Russia, as they may be booby-trapped with info-stealing malware.
In late February, Ukrainian vice prime minister, Mykhailo Fedorov, called for a volunteer “IT army” of hackers to DDoS Russian targets.
However, Cisco Talos claimed that opportunistic cyber-criminals are looking to exploit the subsequent widespread outpouring of support for the Eastern European nation.
Specifically, it detected posts on Telegram offering DDoS tools which were actually loaded with malware. One such tool, dubbed “Liberator,” is offered by a group calling itself “disBalancer.” Although legitimate, it has been spoofed by others, said Cisco.