CHINA TOPIX

11/02/2024 11:33:13 am

Make CT Your Homepage

Russian Hackers Exploit Windows Flaw to Hit NATO, Ukraine

Internet security

(Photo : Reuters)

Security company iSight announced in a blog post Tuesday that Russian hackers have exploited the CVE-2014-4114 vulnerability in the Windows operating system, allowing cyber criminals to target computers used by the European Union, NATO, Ukraine and the energy and telecommunication sectors.

Like Us on Facebook

The firm said the zero-day vulnerability impacts all supported versions of Windows Server 2008 and 2012 and Windows. Microsoft said that it is preparing to patch the vulnerability,  dubbed "Sandworm."

The automatic fix will be a part of the software company's weekly release of updates, nicknamed "Patch Tuesday."

iSight said the exploit was utilized as part of a cyberespionage campaign that lasted five years. The cyber criminals, tagged the "Sandworm team," has been observed by the security firm from the latter part of 2013 to the present, although reports point out that the campaign was in progress since 2009.

One of the team's favorite technique for breaching computer systems is spear phishing with malware attached, while their other exploit methods include the use of Microsoft's Windows zero-day flaw, as well as BlackEnergy crimeware.

Since August of the previous year, the Windows CVE-2014-4114 vulnerability has been used mainly through weaponized PowerPoint documents.

Before its latest attack, iSight said the Sandworm team had launched campaigns targeting the EU and United States military establishments, defense contractors, news organizations and intelligence communities, as well as rebels and jihadists in Chechnya. Its focus, however, has turned towards the conflict between Russia and Ukraine, political issues concerning Russia and energy industries based on the evidence obtained from the phishing emails.

While the computer security experts are not sure what information has been obtained throughout the Sandworm campaign, "the use of this zero-day vulnerability virtually guarantees that all of those entities targeted fell victim to some degree."

Real Time Analytics