Jump to content

Sandworm (hacker group)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 199.46.249.140 (talk) at 23:41, 4 January 2021. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)

This article provides insufficient context for those unfamiliar with the subject. Please help improve the article by providing more context for the reader. (October 2020) (Learn how and when to remove this message)

Sandworm Team
Formation	c. 2004–2007^[1]
Type	Advanced persistent threat
Purpose	Cyberespionage, cyberwarfare
Headquarters	22 Kirova Street
Region	Russia
Methods	Zero-days, spearphishing, malware
Official language	Russian
Parent organization	GRU
Affiliations	Fancy Bear Unit 26165
Formerly called	Voodoo Bear Sandworm Iron Viking Telebots

The Sandworm Team, also known as Unit 74455, is a Russian cybermilitary unit of the GRU.^[1]

The team is believed to be behind the December 2015 Ukraine power grid cyberattack,^[2]^[3]^[4] the 2017 cyberattacks on Ukraine using the Petya malware^[5] and the cyberattack on the 2018 Winter Olympics opening ceremony.^[6]

On October 19, 2020 a US-based grand jury released an indictment charging six officers of the GRU with cybercrimes.^[7]^[8]^[9]

See also

References

^ Greenberg, Andy (2019). Sandworm: a new era of cyberwar and the hunt for the Kremlin's most dangerous hackers. Knopf Doubleday. ISBN 978-0-385-54441-2.
^ "Hackers shut down Ukraine power grid". www.ft.com. 5 January 2016. Retrieved 2020-10-28.
^ Volz, Dustin (25 February 2016). "U.S. government concludes cyber attack caused Ukraine power outage". Reuters. Retrieved 2020-10-28.
^ Hern, Alex (7 January 2016). "Ukrainian blackout caused by hackers that attacked media company, researchers say". The Guardian. ISSN 0261-3077. Retrieved 2020-10-28.
^ "The Untold Story of NotPetya, the Most Devastating Cyberattack in History". Wired. ISSN 1059-1028. Retrieved 2020-10-28.
^ Greenberg, Andy. "Inside Olympic Destroyer, the Most Deceptive Hack in History". Wired. ISSN 1059-1028. Retrieved 2020-10-28.
^ Cimpanu, Catalin. "US charges Russian hackers behind NotPetya, KillDisk, OlympicDestroyer attacks". ZDNet. Retrieved 2020-10-28.
^ "Russian cyber-attack spree shows what unrestrained internet warfare looks like". The Guardian. 19 October 2020. Retrieved 2020-10-28.
^ "US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit". Wired. ISSN 1059-1028. Retrieved 2020-10-28.

External links

US Justice Department press release

Hacking in the 2020s

← 2010s

2030s →

Major incidents

2020	BlueLeaks Twitter account hijacking European Medicines Agency data breach Nintendo data leak United States federal government data breach EasyJet data breach Vastaamo data breach
2021	Microsoft Exchange Server breach Ivanti Pulse Connect Secure data breach Colonial Pipeline ransomware attack Health Service Executive ransomware attack Waikato District Health Board ransomware attack JBS S.A. ransomware attack Kaseya VSA ransomware attack Transnet ransomware attack Epik data breach FBI email hack National Rifle Association ransomware attack Banco de Oro hack
2022	Ukraine cyberattacks Red Cross data breach Anonymous and the Russian invasion of Ukraine Viasat hack DDoS attacks on Romania Costa Rican ransomware attack LastPass vault theft Shanghai police database leak Grand Theft Auto VI content leak
2023	Munster Technological University ransomware attack Evide data breach MOVEit data breach Insomniac Games data breach Polish railway cyberattack British Library cyberattack
2024	XZ Utils backdoor

Groups

Major vulnerabilities
publicly disclosed

SMBGhost (2020)
Thunderspy (2020)
PrintNightmare (2021)
FORCEDENTRY (2021)
Log4Shell (2021)
Account pre-hijacking (2022)
Retbleed (2022)
Downfall (2023)
LogoFAIL (2023)
Reptar (2023)
Terrapin (2023)
GoFetch (2024)

Malware

2020	Adrozek Drovorub
2021	Predator
2022	Cyclops Blink Pipedream

Retrieved from "https://en.wikipedia.org/w/index.php?title=Sandworm_(hacker_group)&oldid=998345776"

Hidden categories: