Microsoft has accused Russian military intelligence of cyber attacks on Poland and Ukraine
To be more precise, it was done by hackers who are “supported by Russian military intelligence”
The hacker group with which the software company associates cyberattacks
Known in research circles as Sandworm – is one of the most talented and destructive in the world. And, according to Microsoft, it is supported by Russian military intelligence.
Last month, Microsoft reported that transport and logistics organizations in Poland and Ukraine were subjected to cyber attacks using a previously unseen ransomware program.
After the introduction, the ransomware program scanned all files in the system of the infected computer and encrypted the contents of files with extensions.txt, .png, gpg and more than 200 others. Then Prestige (the so-called virus) added an extension.enc to an existing file extension. Microsoft attributed the attack to an unknown threat group, which it dubbed DEV-0960. The company later updated the report, stating that based on forensic artifacts and coincidences in victimology, working methods, capabilities and infrastructure, researchers determined that DEV-0960 is most likely a Sandworm.