Skip to main content

Russian ‘Sandworm’ hacking squad wriggles their way into Windows PCs used by NATO, EU

kentucky hospital subjected to ransomware hacker keyboard
Image used with permission by copyright holder
A team of hackers based in Russia dubbed the “Sandworm Team” has been exploiting a vulnerability in Windows, Windows Server 2008, and Windows Server 2012 in order to spy on multiple public, and private institutions.

iSight, a security firm that is working in concert with Microsoft to track the hackers and plug such flaws, says that when someone uses it to penetrate Windows, they have the ability to “remotely execute arbitrary code.”

iSight also said that anyone trying to take advantage of a flaw to compromise a system would “need a specifically crafted file and use social engineering methods (observed in this campaign) to convince a user to open it.”

Sandworm has used this flaw in Windows and Windows Server to hit the North Atlantic Treaty Organization, or NATO, along with government organizations based in Western Europe, parts of the Ukrainian government, energy companies in Poland, multiple European telecom firms, and academic organizations here at home as well.

To combat the group’s activities, Microsoft has released security fixes that are designed to fix the flaw. Users with Automatic Update enabled on their Windows PCs will download all patches without any input from them.

Digital Trends has contacted iSight to get more information on how to avoid any potential pitfalls associated with flaw that the Sandworm Team has been exploiting. We’ll issue any updates if and when we obtain information from iSight.

Editors' Recommendations

Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
New ways Microsoft is enticing developers to use Windows app store
Microsoft Store Ads on a Dell XPS Laptop.

The Microsoft Build 2022 conference is now underway through Thursday and the brand is revealing a host of updates to its app store in particular.

The Microsoft Store will soon feature Microsoft Store Ads, which will be powered by Microsoft Advertising. The brand said the upcoming feature will allow developers to market their apps to the proper users and highlight new experiences to users. Microsoft said it will soon begin a pilot program for developers to design ad campaigns within Microsoft Advertising. Currently, developers can sign up for the Microsoft Store Ads waitlist.

Read more
Google now has its own way of making Android phones and Windows more compatible
The Your Phone app on an Android phone.

If you own an Android phone and a Windows PC, you'll soon have one more way to use both devices together to get more done. Rolling out later this year to Windows is a Fast Pair feature for Android phones.

Google's announcement at CES 2022 comes alongside a number of improvements on how Android devices can connect to your larger ecosystem of tech products.

Read more
New Windows 11 bug leaves some apps unable to update or repair
Windows 11 blue error crash screen.

Update 11/22: Microsoft has issued a new Windows 11 build that fixes this app-breaking bug. The build (22000.348) is currently available to Windows Insiders in the Beta and Release Preview channels, and we expect it to roll out as an official build soon. If you're not an Insider, Kaspersky has released guidance on how to bypass the issue. Original story follows. 

There's a new bug plaguing some Windows 11 users. This time around, some apps are unable to be updated or repaired after the latest Windows 11 cumulative update is installed, according to Microsoft.

Read more