BOSTON (Reuters) – Russian hackers exploited a bug in Microsoft Windows and other software to spy on computers used by NATO, the European Union, Ukraine and companies in the energy and telecommunications sectors, according to cyber intelligence firm iSight Partners.
iSight said it did not know what data had been found by the hackers, though it suspected they were seeking information on the Ukraine crisis, as well as diplomatic, energy and telecom issues, based on the targets and the contents of phishing emails used to infect computers with tainted files.
The five-year cyber espionage campaign is still going on, according to iSight, which dubbed the operation “Sandworm Team” because it found references to the “Dune” science fiction series in the software code used by the hackers.
The operation used a variety of ways to attack the targets over the years, iSight said, adding that the hackers began only in August to exploit a vulnerability found in most versions of Windows.
iSight said it told Microsoft Corp about the bug and held off on disclosing the problem so the software maker had time to fix it.
A Microsoft spokesman said the company plans to roll out an automatic update to affected versions of Windows on Tuesday.
There was no immediate comment from the Russian government, NATO, the EU or the Ukraine government.
Researchers with Dallas-based iSight said they believed the hackers are Russian because of language clues in the software code and because of their choice of targets.