Skip to main content

Russian ‘Sandworm’ hacking squad wriggles their way into Windows PCs used by NATO, EU

kentucky hospital subjected to ransomware hacker keyboard
Image used with permission by copyright holder
A team of hackers based in Russia dubbed the “Sandworm Team” has been exploiting a vulnerability in Windows, Windows Server 2008, and Windows Server 2012 in order to spy on multiple public, and private institutions.

iSight, a security firm that is working in concert with Microsoft to track the hackers and plug such flaws, says that when someone uses it to penetrate Windows, they have the ability to “remotely execute arbitrary code.”

iSight also said that anyone trying to take advantage of a flaw to compromise a system would “need a specifically crafted file and use social engineering methods (observed in this campaign) to convince a user to open it.”

Sandworm has used this flaw in Windows and Windows Server to hit the North Atlantic Treaty Organization, or NATO, along with government organizations based in Western Europe, parts of the Ukrainian government, energy companies in Poland, multiple European telecom firms, and academic organizations here at home as well.

To combat the group’s activities, Microsoft has released security fixes that are designed to fix the flaw. Users with Automatic Update enabled on their Windows PCs will download all patches without any input from them.

Digital Trends has contacted iSight to get more information on how to avoid any potential pitfalls associated with flaw that the Sandworm Team has been exploiting. We’ll issue any updates if and when we obtain information from iSight.

Editors' Recommendations

Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
Google now has its own way of making Android phones and Windows more compatible
The Your Phone app on an Android phone.

If you own an Android phone and a Windows PC, you'll soon have one more way to use both devices together to get more done. Rolling out later this year to Windows is a Fast Pair feature for Android phones.

Google's announcement at CES 2022 comes alongside a number of improvements on how Android devices can connect to your larger ecosystem of tech products.

Read more
New Windows 11 bug leaves some apps unable to update or repair
Windows 11 blue error crash screen.

Update 11/22: Microsoft has issued a new Windows 11 build that fixes this app-breaking bug. The build (22000.348) is currently available to Windows Insiders in the Beta and Release Preview channels, and we expect it to roll out as an official build soon. If you're not an Insider, Kaspersky has released guidance on how to bypass the issue. Original story follows. 

There's a new bug plaguing some Windows 11 users. This time around, some apps are unable to be updated or repaired after the latest Windows 11 cumulative update is installed, according to Microsoft.

Read more
Windows 11 is borrowing from the Mac in one significant way
panos panay at the Windows 11 event.

Matching MacOS standards, Microsoft has announced that Windows will now release major updates once a year, ditching its tradition of delivering two feature updates per year. This new release cadence will be kicked off by the release of Windows 11, which was officially announced this week by Microsoft, later this year.

There have been multiple complaints about Windows 10’s updates since day one. Microsoft has been releasing two major updates every year and users have been annoyed with their frequency and quality. The company’s two major feature releases each year push the operating system to force update some of the devices that may be running on a version that's not meeting the end of service.

Read more