There has been a lot of talk about Russian hackers targeting the NATO, telecom companies, energy suppliers, and elections. Now the German public TV channels ZDF and WDR have been hit, too.

The attacker: Sandworm. The victims: German media companies

Hacks are ever so common nowadays. It’s really hard to keep track. Most people probably hear about the bigger attacks, but if it’s just a small company you’ll probably never find out. The same goes for hackers: There are just way too many.

There are some that stand out though and one of them is Sandworm. Sandworm is believed to be a Russian government sponsored group of cybercriminals who apparently were responsible for some of the more noteworthy hacks in recent years. If you’d ever heard the name it probably was in relation to the US election and how they were hacked by the group in order to influence the outcome.

Now it seems that there has been another victim: Two German media companies, ZDF and WDR. They have fallen prey to spear phishing, a very common kind of attack. It basically works exactly as a normal phishing attack but instead of being send to more or less random people the targeted individuals have been chosen very carefully.

No data was stolen – so far

While the ZDF confirms the attack it also mentions that not more than 10 PCs have ever been hacked and that no data was stolen. Things might look different for the WDR – as of now they are refusing to comment due to safety issues.

According to “Der Spiegel” security officials said that the broadcasters were hit in June already, but the attack was discovered soon after.


This post first appeared on the Avira Blog