Russia's Joker DPR Claims Access to Ukraine Troop Movement Data

Published: 23/11/2024   Category: security



A hacktivist group working with Russia claims it breached DELTA, the Ukrainian battlefield management system (BMS).



The Joker DPR threat group has been around and functioning as an arm of the Russian state since 2019, largely focused on spreading disinformation and leaking sensitive Ukrainian government and military secrets stolen by insiders friendly to Russia. Its goal is undermining people's confidence in the country's institutions, but no one should be fooled into thinking Joker DPR is a sophisticated group of super-hackers — it's not.
In its own words, Joker DPR wants to destroy the clowns running Ukraine's government (DPR is the English acronym for a separatist group in eastern Ukraine called Donetsk People's Republic). And in November, it made a startling claim that would seem to further that agenda — that it had real-time access to DELTA, the Ukraine military's battlefield management system (BMS). If true, this would have given the group insights into military planning for the Armed Forces of Ukraine (AFU).
However, according to new analysis from Recorded Future, that claim was vastly exaggerated.
Recorded Future and other cybersecurity experts were dubious about the hacktivist group's allegations and found after analysis of Joker DPR's proof of compromise that instead of gaining full access, the threat group is far more likely to have access to an individual user account.
The distinction hardly mattered to Joker DPR, since Russian media quickly picked up the story and proclaimed that the Russians had a full backdoor into Ukraine's DELTA system.
After the claim of compromise, AFU commanders might choose not to use the sophisticated system on the battlefield — a win for Russia. The Recorded Future researchers said they have sources which show that this tactic was effective.
"Given that the breach was unlikely to have occurred in the manner Joker DPR described, in real terms, the greatest damage Joker DPR could have inflicted was through the assertion of the breach's existence," the Recorded Future researchers added. Joker DPR was essentially claiming that it had real-time access to the BMS.
The report added that the fact that Russian media was so eager to pick up the story further signals Joker DPR didn't actually have the access to DELTA as claimed. If it had real-time intel into the AFU's movements, Russia would not be so quick to give away their advantage, Recorded Future's research explained.
Although the group wants to give the impression of being a band of super hackers, in reality, the group hasn't displayed dazzling hacking abilities, according to Recorded Future's analysis.
"Put simply, the group does not appear to specialize in hacking, and it will take what it can get to support its information agenda," a Recorded Future researcher who prefers to remain anonymous tells Dark Reading. Joker DPR first and foremost specializes in information operations, and any cyber activity that occurs within the umbrella of the group is only meant to support those operations.
That makes it tricky to try and predict Joker DPR's next target.
"Joker DPR's activities suggest the group is more opportunistic with its cyber activity, using its platform to amplify news of compromises in an effort to undermine the credibility of the Ukrainian government and military," Recorded Future's researcher says. This is in contrast to groups like Killnet that display consistency in their tactics, techniques, and procedures (TTP) and targets.
The likelihood of international law enforcement reaching Joker DPR in Russia is small, but Recorded Future's analysis hopes to raise the group's profile to help protect Ukraine's forces from Russian-aligned groups, as well as push back against ongoing Russian disinformation campaigns.
