Sandworm was another vulnerability that the Information Security community flipped their shit over, despite that remote code execution vulnerabilities are found in Windows by vodka-chugging neckbeards all the time. The vulnerability affects Windows Vista through Windows 8.1, Windows Server 2008 and Windows Server 2012. Windows XP was safe due to Clippy taking it upon himself to fend off malware after Microsoft cut support for Windows XP.
More specifically, Sandworm was a 0-day exploit that was used by a group of h4xx0rz to fuck with NATO and the Ukraine in the name of mother Russia. Sandworm may also refer to the malware that the hackers installed after exploiting the vulnerability. Ironically, the Sandworm malware is a trojan, not a worm, but the name Sandworm was chosen because it's scarier, so anti-virus businesses could scare you into buying their products. The Sandworm vulnerability was patched on October 14th, 2014, so it is now shit nobody cares about.
How did it work?
The Sandworm Team would exploit the vulnerability through Microsoft Office by sending the target a powerpoint that would use the OLE vulnerability to download malware. They would send an email to their target that was specially crafted just for him. So, instead of being titled "How to grow your penis 2in in 2 weeks!" as with typical bulk emails, the email would be titled "How NATO employees with top secret access privileges can grow their penis 2in in 2 weeks!" which virtually guaranteed an infection.
Once the target opened the file that was sent to him from someone he doesn't know, the malware installed a backdoor on the system. The Russians could then do whatever they want to the PC, but, being Russian spies, they probably just used the infected computers to fap to loli porn on 2ch.ru and occasionally steal some useless files.
Who was Targeted?
Having just completed their CSIII course and received some rubles from Putin, the Sandworm team decided to do what every other skiddie group does and fuck with some government agencies. However, unlike typical skiddies, this group decided not to DDoS the servers or to frantically search for SQL Injections like faggots, but instead to use their 0-day and some malware to try to steal some files like faggots.
The following fell victim to the attacks from the group:
- Ukrainian government organizations
- Eurotrash government organizations and telecommunications firms
- Polish energy firms
- Bonzi Buddy creator
- Murrican academic organizations
How to avoid it?
You aren't at risk of being targeted by the Sandworm team because you live in your parents' basement and the Sandworm team has no interest in stealing your weeaboo comics or My Little Pony fanfic files. Although other hackers may try to spread their malware by using this exploit, all you have to is run Windows Updates and you don't have to worry about it. Alternatively, you can try these workarounds if for some reason you don't want to update your computer:
- Delete System32
- Disable the WebClient Service
- Block the launching of executables from .INF files
- Use high quality anti-virus software
- Install Gentoo
- Give up and switch to Macs
- Enjoy your iWorm
Who wins something with this
- Putin - Putin gets to read a bunch of tl;dr files containing boring information about who works for the Ukrainian government and some piss-poor papers written by American grad students.
- Sandworm Team - The Sandworm Team gets a small amount of rubles for handing the files over to Putin. They can then use this money to purchase more vodka and mail order brides from the Ukraine.
- Clippy - After valiantly defending Windows XP, Microsoft is considering adding him back to Microsoft Office.
- Freetards - Freetards now have yet another reason to poke fun at Microsoft and brag about how Linux doesn't get viruses despite that shell shock was discovered around the same time and exploits are found for Linux all the time.
- Macfags - For the same non-reason freetards have.
- Security Faggots - Security faggots now have another scary incident to reference when peddling their overpriced Intrusion Detection Systems.
- Jews - Jews profit any time faith in a government agency is weakened as it makes creating NWO easier.
White House under attack
Sandworm Team was followed by another group of Russian leet hax0rs which targeted new entities such as Georgia, Poland, Hungary, and Mexico governments and the White House. Whether or not these hackers are related to the Sandworm Team in any way other than buying their vodka from the same store is unknown.
The Russian hackers were able to breach an unclassified White House system, but fucked up by scanning for other systems loudly enough to set off an IDS which shut them down before they could get to any system that even contained interesting information. All they ended up doing in the end was being an embarrassment to Russian hackers as they were unable to .RAR any of Obama's secret sex tapes and being an excuse for White House desk jockeys to take the day off.
Sandworm is part of a series on
Visit the Softwarez Portal for complete coverage.
Sandworm is part of a series on Programming.
[Enter the Matrix]