The cited article goes into depth about how certain it is that a hacking group, referred to as FANCY BEAR, are almost certainly responsible for the attack. The app has been developed by an Ukrainian officer to help process targeting data faster, and has been distributed in forums and profiles used by artillery unit commanders.
The application was designed for use with the D-30 122mm towed howitzer, a Soviet-made artillery weapon still in use today. However, it appears that the Android app was infected with a trojan.
In the summer this year, CrowdStrike started investigating the Android version of this malware, "which contained a number of Russian language artifacts that were military in nature". It also used a "very similar" 50-byte encryption key.
CrowdStrike, which linked the Fancy Bear group with the attack on the US Democratic National Committee, believes that the group is affiliated with Russian military intelligence, and works closely with Russian military forces operating in Eastern Ukraine and its border regions in Russia.
Idaho to complete unlikely season in Potato Bowl
We've moved this steadily toward the Rams since opening two weeks ago, going from an opener of -13 to the current -15.5. Colorado State began the season just 2-3 but finished the year by winning five out of its last seven.
Russian President Vladimir Putin has repeatedly rejected claims by the US President Barack Obama's administration that the highest levels of the Russian government were involved in trying to influence the US presidential election.
The filename "Попр-Д30.apk" was linked to a legitimate application which was initially developed domestically within Ukraine by an officer of the 55th Artillery Brigade named Yaroslav Sherstuk.
The Russian agency, GRU, had successfully hacked an Android app created by the Ukrainian army to track their movements on the battlefield. (A video covering the artillery units using the application is shown below). Fancy Bear is using its malware to retrieve communications and gross locational data from infected devices, in order to identify the general location of Ukrainian artillery forces and engage them, the firm added.
Near the city of Mariupol, militant units fired 122 milimeters artillery on Novohryhorivka, used mortars against Krasnohorivka and Pavlopil, fired grenade launchers, submachine guns and small arms on Talakivka, Shyrokyne and Maryinka, as well as fired infantry fighting vehicle weapons on Talakivka, the press service said in its morning report, posted on Facebook. "A late 2014 public release would place the development timeframe for this implant sometime between late-April 2013 and early December 2014", Crowdstrike writes in its report. In just 5 months, by some estimates, Ukrainian forces lost more than 80 percent of their deployed D-30 Howitzers.