This Windows Bug Was Used To Spy On NATO, Ukraine

Cyber intelligence firm iSight Partners has identified a bug in Microsoft Windows that Russian hackers have exploited to target Western governments.
Posted at 11:33 AM, Oct 14, 2014

For years, a flaw in Microsoft Windows has reportedly let Russian hackers spy on major European targets.

This according to cyber intelligence firm iSight Partners. Among the apparent targets: multiple Western governments, NATO, the Ukrainian government, European energy and telecom companies and an American academic institution. 

The hackers also reportedly targeted participants of this year's Globsec — a national security conference that hosts foreign ministers and leaders from around the world. (Video via NATO

iSightsays the hackers used a "zero-day vulnerability impacting all supported versions of Microsoft Windows and Windows Server 2008 and 2012."

They then penetrated foreign computer networks with malicious Powerpoint documents. Opening the documents gave the hackers control of the computers.

It's unclear what type of data might have been stolen, but iSight says there's reason to believe the hackers may have been passing the information along to Moscow. 

The Washington Post quotes iSight's senior director as saying: "This is consistent with espionage activity. ... All indicators from a targeting and lures perspective would indicate espionage with Russian national interests."

The researchers say the targets had ties to the current crisis in Ukraine — which has pitted pro-Russian separatists against the government in Kiev. Regional governments were sent infected emails claiming to contain intelligence on extremist activity. (Video via RT

iSight says although it discovered the bug last month, the hacking activity has apparently been going on since 2009.

The researchers have dubbed the hacking team "Sandworm" because they referenced Frank Herbert's sci-fi book series "Dune" in their code. (Video via Syfy / "Dune"

To address the bug, on Tuesday Microsoft will issue a patch for the vulnerability. 

This video includes images from Getty Images, Paul Hudson / CC BY 2.0 and Global Panorama / CC BY SA 2.0.