Russian spyware is tapping Ukrainian government offices

Snake, an espionage tool linked to the Russian government earlier this year, has been found in the computers of Ukraine’s prime minister and various embassies of its allies in Eastern Europe.

“Sensitive diplomatic information has been made available to the perpetrators of the attack as a result,” the Financial Times reports.

Snake is being carefully targeted at security and defense systems of governments and key government partners.

The cyber assault against eastern Europe started by infecting 84 prominent public websites which the attackers knew were visited regularly by government, defense industry and diplomatic service employees.

“The first level of infection involved visitors to those websites being prompted to upgrade their shockwave player software,” according to the Financial Times.

Details from the computers of targets who clicked to upgrade were then sent to the spies.

The second part of the campaign involved Snake operators targeting groups of visitors whose IP addresses corresponded to institutions and organizations of interest.

These victims were subsequently infected with a piece of malware known as "wipbot".

“The wipbot malware allowed Snake's operators to determine how senior those infected were in their organizations,” the Financial Times reports. “This then allowed for a specific and targeted deployment of the full Snake malware package solely to those whose computer systems contained the most sensitive and valuable information.”

Dozens of computers in the Ukrainian prime minister's office and at least 10 of Ukraine's embassies abroad have been compromised.

The operation has also affected embassies in at least nine countries, including Germany, China, Poland and Belgium.

Reports of the cyber strategy arrive as tensions between Russia and the west escalate. Russian troop buildups on the Ukrainian border continue, as U.S. and EU officials mete out economic sanctions against Moscow.