A Russian hacking group, which is thought to have been active since 2009, spied into computers used by NATO, the European Union, Ukraine and companies in the energy and telecommunication sectors, by exploiting a bug in Microsoft Windows and other software.
The Russian hackers, possibly working for the government, also targeted a Polish energy firm, a Western European government agency and a French telecommunication firm, in their recent campaign, according to iSight Partners, a cyber-security firm.
"This is consistent with espionage activity," said iSight Senior Director Stephen Ward, reports Washington Post. "All indicators from a targeting and lures perspective would indicate espionage with Russian national interests."
ISight dubbed the recently detected hacking kingpin 'SandWorm Team' because some of its codes had references to the science-fiction novel "Dune." The fictional desert plant of Arrakis, for instance, was mentioned several times, according to the report.
Having been monitoring the hacker's activity in late 2013, the cyber security firm discovered the vulnerability – known as "zero-day" in August, the Washington Post report said. The flaw is present in every Windows operating system from Vista to 8.1, except Windows XP, Stephen Ward said.
The operation used a variety of ways to attack the targets over the years according to iSight. But hackers began only in August to exploit the vulnerability found in most Windows computers.
ISight told Microsft Corp about the bug and the company said it would roll out an automatic update to affected versions of Windows on Tuesday, Reuters reported.
"Your targets almost certainly have to do with your interests. We see strong ties to Russian origins here," John Hulquist, head of iSight's cyber espionage practice told Reuters. The firm plans to release a 16-page report on Sandworm Team on its clients on Tuesday.
