Russian Hackers Used Microsoft Bug to Spy on Ukraine and NATO - Mashable

October 16, 2014

Russian Hackers Used Microsoft Bug to Spy on Ukraine and NATO - Mashable

Mashable, By Lorenzo Franceschi-Bicchierai

A group of Russian hackers used a previously undisclosed Microsoft bug to spy on the Ukrainian government and NATO officials, security researchers said.

The hackers used spear-phishing emails with malicious attachments, such as PowerPoint files, to target various victims across Europe and at least one in the United States, according to a report by iSight Partners published on Tuesday.

The group is apparently comprised of fans of the sci-fi novel Dune; their malware made various references to Frank Herbert's classic, earning them the nickname "Sandworm Team."

Researchers at iSight believe that the signs point to Russian hackers, based on a variety of information including their targets, the information they sought and several clues left in the cyberespionage campaign's infrastructure. (iSight did not specify what those clues were.)

"No matter how good you are, the targets almost always give away who you are,"

"No matter how good you are, the targets almost always give away who you are," John Hultquist, the senior manager at iSight, told Mashable.

But the researchers are careful to note that not enough evidence exists to say the group is definitively backed by the Russian government. The hackers were not seeking information from the black market, though, which would normally would indicate cybercriminals looking to earn a profit.

According to many cybersecurity experts, attribution is the hardest part of the job; not everyone is convinced the group has Russian origins.

"Proving this connection is extremely difficult," Alex Gostev, a security researcher at the Russian firm Kaspersky Lab, told Mashable. Read more.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Russian Hackers Used Microsoft Bug to Spy on Ukraine and NATO - Mashable

Russian Hackers Used Microsoft Bug to Spy on Ukraine and NATO - Mashable

About Kaspersky

Related Articles Press Releases

Kaspersky Lab Joins Forces with Merchant Risk Council to Help Combat eCommerce Fraud

Kaspersky Lab North America Recognized on CRN’s 2018 Security 100 List

Kaspersky Lab North America Releases its Inaugural Corporate Social Responsibility Report

Kaspersky Lab Appeals U.S. Department of Homeland Security Debarment

Poor Security Practices put Cloud-Driven Business Growth and Cost Savings at Risk

Kaspersky Lab Story of the Year 2017: More Than One Quarter of Ransomware Attacks Target Businesses

Kaspersky Lab Survey: IT Security Experts Uncertain on How to Combat Targeted Attacks

Kaspersky Lab Creates Pop-Up Shop Experience Using New Currency to Showcase the Value of Personal Data

Kaspersky Lab Enters Endpoint Detection and Response Market with New Solution

Kaspersky Lab North America Champions National Cyber Security Awareness Month 2017