Russian hackers targeted NATO using Microsoft's Windows Bug, he spied on NATO computers and European Union, Ukraine and companies in the energy and telecommunications sectors, according to cyber intelligence firm iSight Partners.iSight says that the team as previously launched campaigns targeting the US and EU intelligence communities, military establishments, news organizations and defense contractors as well as jihadists and rebels in Chechnya.
However, focus has turned towards the Ukrainian conflict with Russia, energy industries and political issues concerning Russia based on evidence gleaned from phishing emails.
The cybersecurity experts do not know what data has been lifted throughout the Sandworm campaign, however, "the use of this zero-day vulnerability virtually guarantees that all of those entities targeted fell victim to some degree."
Microsoft spokesman said the company plans to roll out an automatic update to affected versions of Windows on Tuesday.
There was no immediate comment from the Russian government, NATO, the EU or the Ukraine government.
Researchers with Dallas-based iSight said they believed the hackers are Russian because of language clues in the software code and because of their choice of targets.
The hacking campaign has been dubbed Sandworm because the researchers found reference to the science fiction series Dune in the software code.
Other victims include energy, telecommunications and defence firms, delegates of the GlobSec conference about national security and an academic who was an expert in Russian-Ukraine relations.
The exploit has been used as part of a five-year cyberespionage campaign, according to iSight. The hackers, dubbed the "Sandworm team" -- based on coded references to the science fiction series Dune have been monitored by iSight from late 2013 to the present day, although the campaign appears to have been in action since 2009.
Spear phishing with malicious files attached is one of the favored methods of infiltrating computer systems, and other exploit methods include the use of BlackEnergy crimeware, as well as Microsoft's Windows zero-day flaw.
