A Hacker Group Within Russia’s Notorious Sandworm Unit Is Breaching Western Networks


A team Microsoft calls BadPilot is acting as Sandworm's “initial access operation,” the company says. And over the last year it's trained its sights on the US, the UK, Canada, and Australia.

Over the last decade, the Kremlin's most aggressive cyberwar unit, known as Sandworm, has focused its hacking campaigns on tormenting Ukraine, even more so since Russian president Vladimir Putin's full-scale invasion of Russia's neighbor. After BadPilot's initial breaches, other Sandworm hackers have used its intrusions to move within victim networks and carry out effects such as stealing information or launching cyberattacks, Microsoft says. Over the last three years, the company says, the geography of the group's targeting has evolved: In 2022, it set its sights almost entirely on Ukraine, then broadened its hacking in 2023 to networks worldwide, and then shifted again in 2024 to home in on victims in the US, the UK, Canada and Australia.

Read this on Wired
