Category Archives: Sandworm

Russia’s Sandworm hackers blamed in fresh Ukraine malware attack

One of the Russian military’s most prolific hacking units deployed yet another destructive malware attack against Ukrainian targets this week, researchers with cybersecurity firm ESET said Friday. The researchers attributed the attack to the hacking unit known widely as “Sandworm,” a group in the Russian Main Intelligence Directorate, or GRU, behind a series of destructive […]

Notorious Russian military hacking crew behind October ransomware attacks on Ukraine, Poland

Researchers at Microsoft said Thursday that an attack on transportation and logistics companies in Ukraine and Poland last month was the work of a notorious Russian military intelligence unit. The Oct. 11 attack — dubbed “Prestige” — attempted to cripple access to computers across the organizations it targeted. When successful, the attack effectively made it […]

Russia’s digital attacks are haphazard, chaotic, says top Ukrainian cyber official

The overall Russian approach to incorporating cyberattacks into its ongoing assault on Ukraine is “chaotic,” and reflects an “absence of strategy,” Victor Zhora, one of Ukraine’s top cybersecurity officials, told CyberScoop Wednesday. Speaking during the Black Hat cybersecurity convention in Las Vegas, which is taking place six months after the Russian invasion, Zhora said although […]

Microsoft ties January Ukraine attack to notorious Sandworm group

Microsoft on Wednesday tied a January data-wiping malware attack in Ukraine to notorious Russian hacking group Sandworm. The new link fleshes out the operations of the group, also dubbed Iridium by Microsoft, during a heated war between Russia and Ukraine. Ukraine has already blamed the Sandworm group, which is affiliated with Russia’s GRU military agency […]

State Department announces $10M bounty for Russian intelligence hackers behind NotPetya

The State Department announced Tuesday that it is offering a reward of up to $10 million for information leading to six Russian intelligence hackers responsible for the infamous 2017 NotPetya malware. That malware knocked out Chernobyl’s radiation monitoring system and did more than $1 billion in damage to a number of U.S. organizations, according to a […]

Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say

The Ukrainian government repelled a Russian cyberattack that was set to take out multiple electricity substations and other parts of a grid serving 2 million people on April 8, the Ukrainian government said Tuesday. The Russian military intelligence hacking group known as Sandworm — a prolific and persistent operation behind the infamous 2016 power grid hack […]

DOJ’s Sandworm operation raises questions about how far feds can go to disarm botnets

The notion that citizens are protected from unreasonable search and seizure is a bedrock legal principle: A court must issue a search warrant before police can enter a private home and ransack it looking for evidence. In what former prosecutors and legal experts call a landmark operation, the Department of Justice has now tested that […]

US says it disrupted Russian botnet ‘before it could be weaponized’

The U.S. government disrupted a botnet built by the Sandworm hacking group of Russia’s GRU intelligence agency before it could be used for malicious purposes, officials said Wednesday at a news conference. “Thanks to our close work with international partners, we were able to detect the infection of thousands of network hardware devices,” Attorney General […]

Sandworm-linked botnet has another piece of hardware in its sights

Botnet activity that drew loud warnings last month from U.S. and U.K. cybersecurity agencies has expanded to a second type of hardware, according to researchers at Trend Micro. The CyclopsBlink malware is now targeting routers from hardware maker ASUS, the researchers said Thursday, after first being discovered on Firebox devices from WatchGuard. Both manufacturers have […]

Qualys researchers uncover 21 bugs in Exim mail servers

Researchers have found 21 unique vulnerabilities in Exim, a popular mail transfer agent, some of which would allow hackers to run full remote unauthenticated code execution against targets, the Qualys Research Team announced Tuesday. If used properly, attackers could execute commands to install programs, manipulate data, create new accounts or change settings on the mail […]
