This practice has meant that the group has been able to steal confidential, sensitive data from several of the most important institutions and governments in the world. Evidence seems to suggest that the members of Earworm, also known as Zebocracy, are linked to APT28 (also known as Fancy Bear), a cybercriminal group that has been stealing government intelligence for years, especially from countries it considers to be enemies. The UK’s National Cyber Security Centre has also accused Earworm and Russia intelligence of carrying out attacks on several countries’ institutional cybersecurity. This software was installed on the computer, and was able to automatically download other malware tools. This software was installed on the computer, and was able to automatically download other malware tools. Wherever possible, an institution’s most sensitive and confidential information should be stored in systems with no Internet connection.