On Wednesday. Mandiant published a new report summarizing the latest activities of Russia’s Sandworm group, also known as APT44.
Sandworm is one of the most notorious Russian threat actor groups, conducting espionage, disruption, and disinformation campaigns. Sandworm utilizes malware to conduct its campaigns including highly disruptive Industroyer and BlackEnergy. Recently, the threat actor group has been concentrating on disruption operations in Ukraine as a means of supplementing conventional military tactics. In its new report, Mandiant has delineated Sanworm to its own APT number, 44, and detailed the hacktivist personas used by APT 44 like the Cyber Army of Russia Reborn (CARR). Sandworm claims to be able to manipulate operational technology in critical infrastructure sectors located in the U.S. and the European Union. Sandworm has also been responsible for several cyber attacks on U.S. critical water infrastructure as well as decryption on behalf of the Russian military in the war with Ukraine.
Read more: