Hackers Exploited Windows Flaw to Spy
Signs point to Russian cyberespionage—but why the 'Dune' references?
By Jenn Gidman,  Newser Staff
Posted Oct 14, 2014 1:23 PM CDT
In this Feb. 27, 2013, photo illustration, hands type on a computer keyboard in Los Angeles.   (AP Photo/Damian Dovarganes, File)

(Newser) – Microsoft is releasing a patch today to fix a vulnerability in its Windows OS—but not before a cyberespionage campaign against Ukrainian government employees and an American expert on Russia took place. According to the iSight cyberintelligence firm, which discovered the bug last month, hackers sent malicious PowerPoints to users on Windows Vista, 7, or 8, then activated the bug to control users' computers, the Wall Street Journal reports. The hack was part of a larger operation that also spied on NATO, the EU, and energy and telecommunications companies, Reuters reports. iSight doesn't know for sure who's behind the hacking, but it notes that a) one of the hackers is fluent in Russian; b) the Herculean effort suggests a well-supported team (i.e., helped out by a country's government); and c) the targets the hackers went after suggest Russian interests.

What worries security experts is that even though there's now a patch to protect against the breach, the hacking world will try to gain access to users' computers before they have a chance to install the fix. "Every criminal and their brother is going to be trying to exploit this flaw in the next few weeks," an ACLU technologist tells the Journal. Perhaps even more mysterious than who's behind the hacking is the information embedded in the software code: iSight says it’s calling the spy operation "Sandworm Team," Reuters notes, because of multiple references found within the hackers' code to Dune—the sandworm was the toothy, desert-dwelling creature featured in the sci-fi movie, book, and TV series. (Chinese hackers accessed personal data for US federal employees earlier this year.)