Security News > 2024 > April > Russian Sandworm hackers pose as hacktivists in water utility breaches
The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups.
Sandworm - a.k.a. BlackEnergy, Seashell Blizzard, Voodoo Bear, has been active since at least 2009, with multiple governments attributing its operations to Unit 74455, the Main Centre for Special Technologies within the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, better known as the Main Intelligence Directorate.
The group targets journalists and organizations like Bellingcat that investigate Russian government activities using phishing messages.
APT44's activities remain concentrated on Ukraine, with ongoing operations to disrupt and collect intelligence, supporting Russian military and political goals in the region.
Russian hackers target German political parties with WineLoader malware.
US offers $10 million reward for tips on Russian Sandworm hackers.
News URL
Related news
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- US shares tips to block hackers behind recent telecom breaches (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)