A recent investigation by EclecticIQ has revealed that Sandworm (APT44), a Russian state-sponsored Advanced Persistent Threat (APT) group linked to the GRU, is exploiting pirated Microsoft Key Management Service (KMS) tools to target Ukrainian Windows users. This campaign, ongoing since late 2023, leverages trojanized KMS activators and fake Windows updates to deploy malware for cyber … Continue reading Sandworm APT Using Pirated Microsoft KMS Tools to Compromise Windows Systems