Friday, March 11, 2022

INFO-STEALER "The Liberator" Malware disguised as security tool targets Ukraine's Volunteer IT Army

....EXPLOITING THE WAR FOR OPPORTUNISTIC FINANCIAL PROFITS
Now (really) who would ever think of doing that ????????
Probably every capitalist in the world.
Oh yeah!
Talos researchers found that this particular IP has been distributing Phoenix since November 2021.
Hence, the recent theme change indicates this campaign is just an opportunistic attempt to exploit the war in Ukraine for financial profit.
Do not take part in cyber attacks
Understandably, many people are overwhelmed by a sentiment that motivates them to act against unprovoked large-scale military invasions, but taking part in cyberattacks is always a bad idea.
Even when these actions appear to be sponsored by the Ukrainian government, which has the support of the aggregate international community, it does not make their use legal. Users taking part in DDoS, defacement, or network breaching attacks are still at risk of finding trouble with their country’s law enforcement agencies.
This malware distributing campaign is yet another reason why you should avoid taking part in this kind of operation, as in the end, you’ll only put yourself at risk.
The Liberator on its actual website (Cisco)

Malware disguised as security tool targets Ukraine's IT Army

A new malware campaign is taking advantage of people's willingness to support Ukraine's cyber warfare against Russia to infect them with password-stealing Trojans.

Last month, the Ukrainian government announced a new IT Army composed of volunteers worldwide who conduct cyberattacks and DDoS attacks against Russian entities.

This initiative has led to an outpouring of support by many people worldwide who have been helping target Russian organizations and sites, even if that activity is considered illegal.

Mimicking a real DDoS tool

As is common with malware distributors, threat actors are taking advantage of the IT Army by promoting a fake DDoS tool on Telegram that installs a password and information-stealing trojan.

In a new report by Cisco Talos, researchers warn that threat actors are mimicking a DDoS tool called the “Liberator”, which is a website bomber for use against Russian propaganda outlets.

While the versions downloaded from the real site are “clean”, and likely illegal to use, those circulated in Telegram hide malware payloads, and there’s no way to tell the difference before executing them as neither is digitally signed.

Telegram post promoting the fake Liberator (Cisco)

The Telegram posts claim that the tool fetches a list of Russian targets to attack from a server, so the user doesn’t need to do much other than execute it on their machine. 

This ease of use is likely to appeal to Ukraine supporters who are not very technical and do not know how to conduct their own attacks to “bomb” Russian sites.

The infostealer

The malware that’s dropped on the victims’ systems performs anti-debug checks before it executes and then follows a process injection step to load the Phoenix information stealer in memory.

Phoenix was first spotted in the summer of 2019, sold in the cybercrime underground as MaaS (malware as a service) for $15/month or $80 for a lifetime subscription.

The particular info-stealer can gather data from web browsers, VPN tools, Discord, filesystem locations, and cryptocurrency wallets, and send them to a remote address, in this case, a Russian IP.

Talos researchers found that this particular IP has been distributing Phoenix since November 2021. Hence, the recent theme change indicates this campaign is just an opportunistic attempt to exploit the war in Ukraine for financial profit.

 
Steely Dan | Reelin' In The Years | Midnight Special

$1.5T AMERICA BUILD BACK BETTER BILL RE-PACKAGED: Doling Out $14 Billion Cash For The Ukraine

Ah the Exigencies of Time & Circumstances gives us 2,471 Pages for Massive Spending
“The bipartisan funding bill proves once more that members of both parties can come together to deliver results for the American people,” White House Press Secretary Jen Psaki said in a statement late Thursday night.
“It will reduce costs for families and businesses, support our economic recovery, and advance American leadership abroad.”
 

Senate Passes $1.5 Trillion Spending Bill With $14 Billion For Ukraine Aid—Here’s What’s In It

 

 
Key Facts
IN THE SENATE: The massive spending package, which would appropriate funds for the government until September 30, passed the Senate on Thursday evening in a bipartisan vote of 68 to 31, with 18 Republicans joining all Democrats voting in support.
IN THE HOUSE: It cleared the House on Wednesday evening in similarly bipartisan votes of 361–69 for the defense portion of the bill and 260–171 for non-defense spending.
Headlining the 2,741-page bill, about $782 billion is allocated for military spending under the Defense Department, while an additional $125 billion has been allocated to the Department of Veterans Affairs.
In addition to funding day-to-day government operations, the bill appropriates about
--- $13.6 billion in emergency aid for Ukraine as it fights off a Russian invasion, with $4 billion to help displaced refugees,
--- $6.5 billion for military assistance and
--- $1.8 billion for any macroeconomic needs, according to the House Committee on Appropriations.

[...] Among other provisions are the reauthorization of the Violence Against Women Act, which expired in 1994 and provided funds to help prosecute violent crimes against women; a measure to give the Food and Drug Administration regulatory authority over synthetic nicotine; and cybersecurity protections to help curb the risk of infrastructure attacks.

What didn't make the cut? About $16 billion for Covid relief, including tests, vaccines and treatments, was stripped from the bill following last-minute disagreements over how to fund the provision—a move House Speaker Nancy Pelosi (D-Calif.) called “heartbreaking” on Wednesday as she pledged “to fight for urgently needed Covid assistance” in separate legislation slated for a vote as early as next week.

 

When satire is factchecked without needing to be factchecked • FRANCE 24...

U.S. Inflation Hits 40-Year High

Thursday, March 10, 2022

LAKE POWELL COULD DIP BELOW A TRIGGER POINT @ 24% CAPACITY

Intro: The decades-old 1,200 year-old drought in The Southwest is not going to go away.
The fact that Lake Powell is so low right now is also disturbing given how disastrously dry of a summer the West had last year.
In August, the federal government declared the first-ever water shortage on the Colorado River, triggering the first wave of water cuts for farmers and businesses. Both Lake Powell and Lake Mead, the two largest reservoirs in the country and crucial for the functioning of the water system along the Colorado River, hit record lows.
One of the U.S. West’s most important water reservoirs is about to hit a new low.

Lake Powell Is in Big Trouble

The crucial reservoir is set to hit a worrisome new low this month, after an exceptionally dry winter.

Image for article titled Lake Powell Is in Big Trouble

Lake Powell, on the border of Utah and Arizona, is a crucial reservoir along the Colorado River, part of a system that supplies water for 40 million people in multiple states across the West.

As of Tuesday, according to readings provided by the U.S. Bureau of Reclamation, the lake stood at 3,526 feet (1,074.73 meters) above sea level, or around 24% of its total capacity. That’s just 1 foot above a threshold of water outlined in drought contingency plans, which would trigger additional releases from upstream water sources. Authorities say that this month, the lake could dip below the 3,525-foot (1,074.2-meter) trigger point, part of a series of new lows the lake has been hitting since reaching its previous lowest level on record, 3,555.09 feet (1083.6 meters), in July.

The image above, captured by the European Union’s Copernicus Sentinel-3 satellite in late February, shows the parched Colorado River and Lake Powell from space.

This particular low won’t be permanent; the spring runoff, the Bureau said, should help juice the lake back up. However, the fact that it’s so low in the first place is incredibly worrisome. The lake is sitting dangerously close to the cutoff level for Glen Canyon Dam, which can provide electricity for 5.8 million homes and businesses across Western states. The dam needs at least 3,490 feet of water to run; the 3,525-foot cutoff was designed to provide a buffer in order for the electricity to keep flowing.

“We’re kind of in some uncharted territory, socially and economically,” Justin Mankin, who helps lead the National Oceanic and Atmospheric Administration’s Drought Task Force, told CNN. “It’s totally within reason to expect that the next couple of weeks or so for [Lake Powell] to fall below the critical level. . .”

Read more >> https://gizmodo.com/lake-powell-is-in-big-trouble-1848627341

 

Stocks open lower, oil rises as Russia-Ukraine ceasefire talks stall