https://medium.com/@jeffreycarr/the-gru-ukraine-artillery-hack-that-may-never-have-happened-820960bbb02d#.
from link
Crowdstrikes latest report regarding Fancy Bear contains its most dramatic and controversial claim to date; that GRU-written mobile malware used by Ukrainian artillery soldiers contributed to massive artillery losses by the Ukrainian military. Its pretty high confidence that Fancy Bear had to be in touch with the Russian military, Dmitri Alperovich told Forbes. This is exactly what the mission is of the GRU.
Crowdstrikes core argument has three premises:
Fancy Bear (APT28) is the exclusive developer and user of X-Agent [1]
Fancy Bear developed an X-Agent Android variant specifically to compromise an Android ballistic computing application called Попр-Д30.apk for the purpose of geolocating Ukrainian D-30 Howitzer artillery sites[2] The D-30 Howitzers suffered 80% losses since the start of the war.[3]
If all of these premises were true, then Crowdstrikes prior claim that Fancy Bear must be affiliated with the GRU [4] would be substantially supported by this new finding. Dmitri referred to it in the PBS interview as DNA evidence.
In fact, none of those premises are supported by the facts...
?