Published on October 14, 2014 at 9:11
Washington: A cyber espionage campaign believed to be based in Russia has been targeting government leaders and institutions for nearly five years.
This valuable information is from researchers with I Sight Partners who are experts in analyzing codes used in the cyber attacks.
The campaign, called “Sandworm” is believed to have been running since 2009.
This is reported to have been using for a wide-reaching zero-day exploit, uncovered by the researchers that affects nearly every version of the Windows operating system since the release of the Windows Vista.
It appeared that Sandworm was focused on nabbing documents and emails containing intelligence reports and diplomatic information about Ukraine, Russia and other topics of importance in the region.
But it has also seen attempted to steal SSL keys and code-signing certificates, which according to I Sight were used by the attackers probably to further their campaign and breach other systems.
The researchers described the operation as “Sandworm” because it is seen that the attackers have made multiple references to the science fiction series ‘Dune’ in their code.
As per mentioned in the Frank Herbert books, Sandworms are desert creatures on a planet called Arrakis who are worshipped as god-like entities.
Video on Russian Hacker Sandworm