{"id":49294,"date":"2022-11-15T01:30:11","date_gmt":"2022-11-15T01:30:11","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/"},"modified":"2022-11-15T01:30:11","modified_gmt":"2022-11-15T01:30:11","slug":"russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/","title":{"rendered":"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while"},"content":{"rendered":"<p>US government agencies including the Army and Centers for Disease Control and Prevention pulled apps running Pushwoosh code after learning the software company \u2013 which presents itself as American \u2013 is actually Russian, according to Reuters.<\/p>\n<p>Pushwoosh is a software company that provides code and data analysis for developers so they can automate custom push notifications based on smartphone users&#8217; online activity. This is the same kind of tracking data \u2013&nbsp;aka <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/09\/09\/mozilla_cso_ftc_surveillance\/\" rel=\"noopener\">commercial surveillance<\/a> \u2013 that major US tech companies like <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/10\/04\/google_privacy_lawsuit_settlement\/\" rel=\"noopener\">Google<\/a> and <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/10\/04\/metas_facebook_webview_chromium\/\" rel=\"noopener\">Meta<\/a> have come under fire for collecting by privacy advocates and watchdog agencies alike.&nbsp;<\/p>\n<p>However, in this case, it&#8217;s a Russian company collecting and processing this data. That means in addition to regular old privacy concerns, there&#8217;s also <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/09\/09\/data_tracking_national_security_risk\/\" rel=\"noopener\">national security<\/a> worries on the line \u2013 especially when the US military uses the code.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The US Army removed the app in March, we&#8217;re told.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>&#8220;The app in question was developed in 2016 by an individual who is no longer associated with the National Training Center (NTC) using a free version of Pushwoosh,&#8221; US Army spokesperson Bryce Dubee told <em>The Register<\/em>, adding there was no contract. &#8220;NTC reports they did not have any knowledge that Pushwoosh code was part of the app and were not aware of Pushwoosh itself or that it was a Russian-owned company.&#8221;<\/p>\n<p>&#8220;As regulations and guidance have become more stringent since 2016, PM Army Mobile moved to have the app taken offline completely while conducting a routine review of authorized apps,&#8221; Dubee continued. &#8220;Additionally, regulations do not authorize the use of free software when paid software is available, and consequently, the PM Army Mobile team would have immediately disallowed\/disapproved the use of free software.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>In addition to the US government agencies, consumer goods giant Unilever, the Union of European Football Associations, American gun lobby group National Rifle Association, and Britain&#8217;s Labour Party also installed Pushwoosh code in their apps, <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.reuters.com\/technology\/exclusive-russian-software-disguised-american-finds-its-way-into-us-army-cdc-2022-11-14\/\">Reuters<\/a> reported.<\/p>\n<p>Apps running Pushwoosh code are available on Google Play and Apple&#8217;s App Store, and the company claims its code runs on more than 2.3 billion connected devices, according to its <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.pushwoosh.com\/about\/?utm_content=pwwebsite&amp;utm_term=menu&amp;utm_campaign=about\">website<\/a>.<\/p>\n<p>While it doesn&#8217;t list a company address anywhere on the website &#8211; it notes offices in &#8220;multiple countries&#8221; but doesn&#8217;t name any of them \u2013 Pushwoosh is headquartered in Novosibirsk, a city in southwestern Siberia, the newswire claimed.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>According to its <a href=\"https:\/\/twitter.com\/Pushwoosh\" rel=\"nofollow\">Twitter profile<\/a>, the company is based in Washington, DC, and on <a href=\"https:\/\/www.linkedin.com\/company\/pushwoosh\/\" rel=\"nofollow\">LinkedIn<\/a> and in <a href=\"https:\/\/www.pr.com\/press-release\/863198\" rel=\"nofollow\">press releases<\/a> it claims to be based in Maryland.&nbsp;<\/p>\n<p>As tensions have escalated between the US and Russia following the illegal Russian invasion of Ukraine earlier this year, Russian software companies have come under increasing scrutiny from the Feds. Even before the war, some had already ended up on the <a href=\"https:\/\/www.theregister.com\/2021\/04\/16\/positive_technologies_us_sanctions_groundless\/\">banned list<\/a> over fears that they are spyware fronts for the Kremlin.&nbsp;<\/p>\n<p>The US Army in March pulled an app used by soldiers that contained Pushwoosh code because of security concerns, we&#8217;re told.<\/p>\n<p>Additionally, the CDC told Reuters it had been tricked into believing Pushwoosh was a US-based company. After learning it was Russian, the top health agency removed Pushwoosh software from seven apps, also citing security concerns.<\/p>\n<p>In an earlier email exchange, Reuters quotes Pushwoosh&#8217;s founder, Max Konev, as saying: &#8220;I am proud to be Russian and I would never hide this.&#8221; He added that his company &#8220;has no connection with the Russian government of any kind&#8221; and stores its data in the US and Germany.<\/p>\n<p>Pushwoosh did not immediately respond to <em>The Register<\/em>&#8216;s inquiries.<\/p>\n<p>When asked if Google plans to pull Pushwoosh apps from the Google Store, a spokesperson told <em>The Register<\/em>: &#8220;Privacy and SDK safety are huge areas of focus for Google Play and Android. When we find apps that violate Google Play policies, we take appropriate action.&#8221;<\/p>\n<p>Push On, with more than 1,000 downloads, is still <a href=\"https:\/\/play.google.com\/store\/apps\/details?id=com.pushwoosh.pushon&amp;hl=en_US&amp;gl=US\" rel=\"nofollow\">listed<\/a> on Google Play.<\/p>\n<p>Apple did not respond to <em>The Register<\/em>&#8216;s request for comment. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2022\/11\/15\/russia_pushwoosh_us_army\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Russian data trackers \u2026 what could possibly go wrong? US government agencies including the Army and Centers for Disease Control and Prevention pulled apps running Pushwoosh code after learning the software company \u2013 which presents itself as American \u2013 is actually Russian, according to Reuters.\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-49294","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-11-15T01:30:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while\",\"datePublished\":\"2022-11-15T01:30:11+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/\"},\"wordCount\":669,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/\",\"name\":\"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2022-11-15T01:30:11+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/","og_locale":"en_US","og_type":"article","og_title":"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-11-15T01:30:11+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while","datePublished":"2022-11-15T01:30:11+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/"},"wordCount":669,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/","url":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/","name":"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2022-11-15T01:30:11+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y3MDoSSm2fJY-lodN@RJOQAAAMk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/russia-based-pushwoosh-tricks-us-army-and-others-into-running-its-code-for-a-while\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Russia-based Pushwoosh tricks US Army and others into running its code \u2013 for a while"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/49294","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=49294"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/49294\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=49294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=49294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=49294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}