The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Russian hackers spying on NATO, Ukraine for years

2014-10-14 09:51 by
Tags: ,

 

Researchers from Security company iSight have discovered a malware attack that was used by Russian hackers against NATO, the European Union and Ukraine. The attack is believed to have started in 2009, and used a well-known zero-day exploit that affects nearly every version of the Windows operating system released since Windows Vista. iSight has named the vulnerability CVE-2014-4114 "SandWorm".

"We can confirm that NATO was hit; we know from several sources that multiple organizations in the Ukraine were targeted," said John Hultquist, senior manager of cyber-espionage threat intelligence for iSight. "We have seen them using Ukrainian infrastructure as part of their attacks."

"The vulnerability exists because Windows allows the OLE packager (packager.dll) to download and execute INF files," the iSight researchers said. "In the case of the observed exploit, specifically when handling Microsoft PowerPoint files, the packager allows a Package OLE object to reference arbitrary external files, such as INF files, from untrusted sources."

The experts from iSight are still unaware of what data has been stolen throughout the Sandworm campaign:

"Though we have not observed details on what data was exfiltrated in this campaign, the use of this zero-day vulnerability virtually guarantees that all of those entities targeted fell victim to some degree," the researchers said.

The company alerted governments and companies that have been targeted, and began working with Microsoft to patch the zero-day vulnerability. Meanwhile, Microsoft will provide an automatic fix for the vulnerability as part of today's Patch Tuesday release.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
comment discuss top
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About