
Infamous Russian hacker group Sandworm is now hijacking mail servers

A new report from the US National Security Agency reveals that a group of Russian hackers associated with Russia’s military-intelligence agency, the GRU, has been exploiting a technical vulnerability to hack into American computers.

In a Thursday advisory, the National Security Agency (NSA) wrote that “Russian cyber actors from the GRU Main Center for Special Technologies, field post number 74455, have been exploiting a vulnerability in Exim Mail Transfer Agent software since at least August 2019. The cyber actors responsible for this malicious cyber program are known publicly as Sandworm team.”


Exim is used by Unix systems connected to the Internet. According to the NSA, “an unauthenticated remote attacker can send a specially crafted email to execute commands with root privileges allowing the attacker to install programs, modify data, and create new accounts” by exploiting a critical vulnerability in Exim. The bug makes it possible for hackers to send specially crafted emails that install new programs, modify data, and in other ways tamper with the computers that have been infected.

More sobering than this is the identity of the hackers: Sandworm is widely considered one of the most notorious hacker groups in the world.

“It’s thought that they were behind the BlackEnergy malware attacks in 2015 and 2016 that used a multi-pronged campaign to cause power outages in Ukraine – both times in the winter,” Lindsay Gorman, a Fellow for Emerging Technologies at the Alliance for Securing Democracy, told Salon by email. “A spearphishing campaign penetrated the IT systems of Ukrainian power distribution companies, seized control of them, and then used distributed denial of service attacks to prevent information on the outages from being sent out.”

Gorman also noted that Sandworm is taking advantage of a vulnerability that has been around for a long time.

“The interesting thing is that the vulnerability being exploited here is not new,” she explained. “It was previously discovered and a patch was already issued back in June. The advisory coming now could be serving an awareness-raising function, indicating that not all systems have actually downloaded and run the patch. This is a reminder that cyber vigilance is not only about discovering exploits, but having robust systems in place to patch networks across an entire business or government enterprise. Cybersecurity is a complex ecosystem with many moving parts — finding the bug is only half the battle.”


Ever since the 2016 presidential election, the specter of Russian hacking has cast a shadow over American political life. Many Americans believe that Russian hacking on behalf of Donald Trump cost Hillary Clinton the presidency in the 2016 election, and intelligence agencies have repeatedly characterized Russian hacking as a major national security threat. In an interview with Salon last year, Michael McFaul, the former US ambassador to Russia, said that Russia’s attempts at meddling in the American presidential election were unprecedented.

“Even during the Cold War, we’d never seen the Soviets try to do that,” McFaul told Salon. “What impresses me in two ways is one, just how extensive it was. It’s on social media. It’s hacking, stealing data from the Democratic Party and publishing it. It’s sending representatives and emissaries to go meet with the Trump family and the Trump Organization to offer up compromising material on Clinton, it’s discussions about lifting sanctions, and it’s just multifaceted on the one hand.”

According to Gorman, the Justice Department under Trump has taken some measures to punish GRU for its hacking activities.


“The Justice Department has indicted GRU officers for computer hacking, wire fraud, aggravated identity theft and money laundering in the past in connection with incidents including the 2016 operation,” Gorman explained. “And Treasury has sanctioned Russian individuals and companies for conducting cyber attacks against the US and its allies. Public adversaries like this one also point a finger at Russia for these intrusions and make it clear that the threat has not abated, but the US and its allies continue to be a target for nation state adversaries like Russia.”

