France links Russian Sandworm hackers to hosting provider attacks

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/france-links-russian-sandworm-hackers-to-hosting-provider-attacks/

The French national cyber-security agency has linked a series of attacks that resulted in the breach of multiple French IT providers over a span of four years to the Russian-backed Sandworm hacking group.

ANSSI (short for Agence Nationale de la Sécurité des Systèmes d'Information) has not been able to determine how the servers were compromised.

Therefore, it is not yet clear if the attackers exploited a vulnerability in the exposed Centreon software or the victims were compromised through a supply chain attack.

"The first victim seems to have been compromised from late 2017. The campaign lasted until 2020," ANSSI said in a report published today.
"This campaign mostly affected information technology providers, especially web hosting providers."

France links Russian Sandworm hackers to hosting provider attacks

The French national cyber-security agency has linked a series of attacks that resulted in the breach of multiple French IT providers over a span of four years to the Russian-backed Sandworm hacking group.

www.bleepingcomputer.com

 

[[correlate]]

France Ties Russia's Sandworm to a Multiyear Hacking Spree
A French security agency warns that the destructively minded group has exploited an IT monitoring tool from Centreon.

France Ties Russia's Sandworm to a Multiyear Hacking Spree

A French security agency warns that the destructively minded group has exploited an IT monitoring tool from Centreon.

www.wired.com