posted by janrinok on Monday November 14 2022, @03:12PM

The hacking group Microsoft ID'd is among the world's most cutthroat and skilled

Microsoft on Thursday fingered Russia's military intelligence arm as the likely culprit behind ransomware attacks last month that targeted Polish and Ukrainian transportation and logistics organizations.

If the assessment by members of the Microsoft Security Threat Intelligence Center (MSTIC) is correct, it could be cause for concern for the US government and its European counterparts. Poland is a member of NATO and a staunch supporter of Ukraine in its bid to stave off an unprovoked Russian invasion. The hacking group the software company linked to the cyberattacks—known as Sandworm in wider research circles and Iridium in Redmond, Washington—is one of the world's most talented and destructive and is widely believed to be backed by Russia's GRU military intelligence agency.

Sandworm has been definitively linked to the NotPetya wiper attacks of 2017, a global outbreak that a White House assessment said caused $10 billion in damages, making it the most costly hack in history. Sandworm has also been definitively tied to hacks on Ukraine's power grid that caused widespread outages during the coldest months of 2016 and again in 2017.

Last month, Microsoft said that Poland and Ukraine transportation and logistics organizations had been the target of cyberattacks that used never-before-seen ransomware that announced itself as Prestige. The threat actors, Microsoft said, had already gained control over the victim networks. Then in a single hour on October 11, the hackers deployed Prestige across all its victims.

Once in place, the ransomware traversed all files on the infected computer's system and encrypted the contents of files that ended in .txt, .png, .gpg, and more than 200 other extensions. Prestige then appended the extension .enc to the existing extension of the file. Microsoft attributed the attack to an unknown threat group it dubbed DEV-0960.

On Thursday, Microsoft updated the report to say that based on forensic artifacts and overlaps in victimology, tradecraft, capabilities, and infrastructure, researchers determined DEV-0960 was very likely Iridium.


  • (Score: 2, Disagree) by khallow on Tuesday November 15 2022, @11:53PM (4 children)

    by khallow (3766) Subscriber Badge on Tuesday November 15 2022, @11:53PM (#1279926) Journal

    i don't give a flying fuck about eurotrash and never will

    We were talking about stuff bad for America, not stuff that you claim to care about. Once again, setting things up for another massive European war is bad for America. That's why the US is involved in Ukraine.

  • (Score: 1) by HammeredGlass on Wednesday November 16 2022, @07:52PM (3 children)

    by HammeredGlass (12241) on Wednesday November 16 2022, @07:52PM (#1280077)

    We're involved with Ukraine because it is a handy money laundering tool for U.S. politicians "Hi FTX".

    We're involved with Ukraine because people like John Kerry, Joe Biden, and Nancy Pelosi get their relatives on to Ukrainian gas company boards.

    We're involved there because the Israelis always want to stick it to Russia because there is a competing Jewish hegemony in Russia that doesn't align with the petty Zionist concerns.

    We're also involved because of all of the bluster about going green by the Eurotrash all the while they buy natural gas from Russia to keep from freezing after they shut down nuclear power plants and they would rather let soldiers die while committing "regime change" so that they can have their own power running things in Russia for their profit.

    • (Score: 1) by khallow on Thursday November 17 2022, @12:56AM (2 children)

      by khallow (3766) Subscriber Badge on Thursday November 17 2022, @12:56AM (#1280135) Journal

      We're involved with Ukraine because it is a handy money laundering tool for U.S. politicians "Hi FTX".

      We're involved with Ukraine because people like John Kerry, Joe Biden, and Nancy Pelosi get their relatives on to Ukrainian gas company boards.

      We're involved there because the Israelis always want to stick it to Russia because there is a competing Jewish hegemony in Russia that doesn't align with the petty Zionist concerns.

      We're also involved because of all of the bluster about going green by the Eurotrash all the while they buy natural gas from Russia to keep from freezing after they shut down nuclear power plants and they would rather let soldiers die while committing "regime change" so that they can have their own power running things in Russia for their profit.

      And we're involved because Russia tried to regrow the USSR with no end in sight. All those groups you disparage are vastly better for the US to support. In particular, a Jewish hegemony in Russia would be vastly better than the present fascist government.

      • (Score: 1) by HammeredGlass on Thursday November 17 2022, @01:23AM (1 child)

        by HammeredGlass (12241) on Thursday November 17 2022, @01:23AM (#1280138)

        "Jewish hegemony in Russia would be vastly better than the present fascist government."

        this already exists. they both operate together hand in glove.

        • (Score: 1) by khallow on Thursday November 17 2022, @04:41AM

          by khallow (3766) Subscriber Badge on Thursday November 17 2022, @04:41AM (#1280157) Journal
          Ah, you refer to the Jewish part of the oligarchs. It's not actually a hegemony due to Russian government control.