UJ.com

Top 2 

                        FRIDAY, MARCH 29, 2024
Make Homepage /  Add Bookmark
Front Page
Nation
Business
Search
Subscription
Advertising
About us
Copyright
Contact
 

   Username:
   Password:


Registration

 
GISMETEO.RU
UJ Week
Top 1   

    
Nation    

Key hacker works with FBI on Russia probe
Journal Staff Report

KYIV, Aug. 16 – A Ukrainian hacker, whose PAS Web shell malware was used by Russian state sponsored hacking team to attack U.S. elections in 2016, has turned himself in to Ukrainian authorities, The New York Times reported Wednesday.

‘Profexor,’ as the hacker is known, is cooperating with Ukrainian investigators and with the Federal Bureau of Investigations’ probe into the attack on the election.

The development may provide information that would help implicate the Fancy Bear team of Russian hackers, also known as APT 28, or Advanced Persistent Threat 28, an elusive team that is believed to be part of GRU, Russia’s military intelligence team working against global targets.

Russian President Vladimir Putin has repeatedly denied any Russian state involvement in hacking the U.S. election and other high-profile targets.

Profexor has not been charged in Ukraine, as he didn't use his remote access tool himself for malicious purposes. He did offer a version of the remote access tool for free on his member-only website, but he also built custom versions and provided training for pay.

One of his customers was someone who used the tool in connection with malware connected to Fancy Bear to establish a backdoor into the Democratic National Committee's network.

Ukrainian lawmaker Anton Herashchenko, a former advisor to Ukraine's interior minister told the Times that Profexor's contact with the Russians behind the DNC hack was entirely via online conversations and voice calls. Gerashchenko said that Profexor was paid to write a custom version of his tool without knowing what it would be used for.

The PAS Web shell was identified by the U.S. Department of Homeland Security and FBI in the Joint Analysis Report issued in December. After his tool was identified in the report, Profexor panicked and shut down his website. Soon afterward, he contacted Ukrainian law enforcement authorities. "He told us he didn't create it to be used in the way it was," chief of the Ukrainian Cyber Police Serhiy Demediuk told the Times.

The use of outsourced tools and malware developed by cybercriminals and other hackers is consistent with other hacking campaigns attributed to Russia's GRU and FSB intelligence organizations. Some of the exploits used by "Fancy Bear" were apparently developed by Zorsecurity, a Russian cybersecurity firm under contract to the GRU and FSB, according to Ars Technica. (nr/ez)




Log in

Print article E-mail article


Currencies (in hryvnias)
  28.03.2024 prev
USD 39.23 39.14
RUR 0.425 0.422
EUR 42.44 42.44

Stock Market
  27.03.2024 prev
PFTS 507.0 507.0
source: PFTS

OTHER NEWS

Ukrainian Journal   
Front PageNationBusinessEditorialFeatureAdvertisingSubscriptionAdvertisingSearchAbout usCopyrightContact
Copyright 2005 Ukrainian Journal. All rights reserved
Programmed by TAC webstudio