Hackers have been in the news on a regular basis — sometimes for their escapades, other times for their convictions. The latest among them is a Russian hacking collective that has been spying on high-profile targets for the last five years. The collective is being referred to as the Sandworm Team by iSight Partners, which made the discovery, due to Dune references spotted in the hackers’ code. The hacking efforts are said to be ongoing even now, and involve phishing tactics to infect the various targets’ computers.
Aside from using phishing emails, the hackers are said to have been using a Windows vulnerability since this past August, which iSight Partners informed Microsoft about ahead of releasing public details. Yesterday Microsoft pushed out an automatic update that fixed this problem.
The targets are varied, and include entities ranging from telecommunications and energy companies to the European Union, NATO, and Ukraine. ISight says it does not know what kind of information the hackers have been able to grab, but based on what it knows about targets and the phishing emails, the hackers are believed to be scouting out info on diplomatic problems, the crisis in the Ukraine, and more.
A report detailing the so-called Sandworm Team was sent out to iSight’s clients yesterday, and among it is included information on why they believe the hackers to be Russian: namely, the targets they are focused on and “language clues”. The act of spying rather than attacking leads the researchers to believe the collective is backed by the Russian government.