Russian intelligence is working with malware that penetrates the defenses of the "Windows" operating system, Finnish cybersecurity experts report. "Microsoft" confirms the breach.
Finnish security company "WithSecure" has discovered a new type of malware that is being used to break into some systems running Microsoft's operating system, Windows. The malware, which cyber security experts have dubbed "Kapeka", can give hackers long-term access to their victim's system, ARD explains.
The malware is attributed to the Russian cyber-attack group "Sandworm", which is run by the headquarters of Russia's military intelligence (GRU). "Sandworm" is particularly known for its attacks on Ukraine.
"Microsoft" confirms the existence of the malware
The findings of "WithSecure" were confirmed by "Microsoft". Rüdiger Trost, an expert from the Finnish cyber security company, believes that the discovery is a "serious blow against Russia, which has used this software in Ukraine and Eastern Europe".
"With this discovery, the Russian secret services no longer have an important tool, as the loopholes created now will be discovered and closed in a short period of time," the expert commented to ARD. As a result, Russia is losing influence in the cyberwarfare that accompanies conventional military action on the front, says Trost.
Custom tool used in Eastern Europe
According to additional information from "WithSecure", the malware disguises itself as an add-on for Microsoft's word processor "Word". The software is not widely distributed, but is used in a very targeted way.
Mohamed Kazem Hasan Nejad, a security researcher at the Finnish company, says the tool is customized and has been used in limited-scale attacks. Experts believe that the software has been in use since mid-2022 in Eastern Europe.