Locked in a bitter battle with Russian-backed separatists, a Ukrainian artillery officer devised a cell phone app that allowed his men to aim and shoot their howitzers in seconds rather than minutes.
But after they showed it off on YouTube, said Adam Meyers of the computer security firm CrowdStrike, Russian military intelligence soon hacked into the app.
“The backdoor allowed them full access to the device. Every member that was in there, even the geographic location,” Meyers said.
Basically, malware turned the phones using the app into beacons. Those beacons were then used to target Ukrainian military units.
People were actually getting killed as a result of the hack.
The malware has digital footprints all over it, including an IP address familiar to Meyers and CrowdStrike.
“That’s actually a server that we’ve associated previously with the Fancy Bear actor,” he said.
“They’re really good at what they do and they’re doing it pretty much all day, every day,” Meyers said.
Only in this case, the cyberattack was not just disruptive -- it was deadly.