Russian hackers exploited a bug in Microsoft Windows and other software to spy on computers used by NATO, the European Union, Ukraine and companies in the energy and telecommunications sectors, according to cyber intelligence firm iSight Partners. ISight said it did not know what data had been found by the hackers, though it suspected they were seeking information on the Ukraine crisis, as well as diplomatic, energy and telecom issues, based on the targets and the contents of phishing emails used to infect computers with tainted files. The five-year cyber espionage campaign is still going on, according to iSight, which dubbed the operation "Sandworm Team" because it found references to the "Dune" science fiction series in the software code used by the hackers. The operation used a variety of ways to attack the targets over the years, iSight said, adding that the hackers began only in August to exploit a vulnerability found in most versions of Windows. ISight said it told Microsoft Corp about the bug and held off on disclosing the problem so the software maker had time to fix it. A Microsoft spokesman said the company plans to roll out an automatic update to affected versions of Windows on Tuesday.
- Russian Hackers Said to Haul in Over a Billion Stolen Emails, Passwords
- Just How Did Those Russian Hackers Steal a Billion Passwords?
- Russian Hackers Behind World's Biggest Internet Security Breach