France's cybersecurity agency, ANSSI, has recently affirmed that a group of Russian military hackers, known as the Sandworm group, was behind a three-year-long operation.
Through this operation, the threat actors breached the internal networks of various French entities running the Centreon IT monitoring software. However, ANSSI has not been able to determine how the servers were compromised.
According to the report, it is not yet clear whether the threat actors exploited a vulnerability in the exposed Centreon software or compromised the victims through a supply chain attack.
Hackers deployed backdoors on hacked servers
After investigating the compromised servers on the networks, ANSSI determined that the threat actors used the Exaramel and PAS web shell backdoors.
To attack the victims inside their networks, the threat actors targeted the Centreon IT monitoring software. Centreon's customer list includes various high-profile organizations.
The organizations that were involved…