Microsoft Secures Court Order to Seize Domains Used to Target Ukraine

Vlad CONSTANTINESCU

April 08, 2022


Microsoft yesterday disclosed that it secured a court order letting it take control of several domains belonging to APT28, a state-sponsored Russian military intelligence group, to hamper the group’s attacks against Ukraine.

The company recently noticed attacks against Ukrainian targets from Strontium, a Russian actor connected to the GRU (Main Intelligence Directorate) that Microsoft has tracked for years.

APT28 is a cyber espionage and APT (Advanced Persistent Threat) group active since 2009. The group has operated under names including Sofacy, Pawn Storm, Iron Twilight, Sednit, Fancy Bear and Strontium, mainly attacking security-oriented military, media, government and international non-governmental organizations (NGOs).

Microsoft said in a blog post that the company disrupted some of the group’s attacks aimed at Ukraine. Earlier this week, it obtained a court order that authorizes it to seize seven Internet domains used by Strontium to conduct these malicious operations.

Microsoft then redirected the captured domains to a company-controlled sinkhole, neutralizing the threat actor’s weaponization of the domains and allowing the company to notify potential victims.

“Strontium was using this infrastructure to target Ukrainian institutions including media organizations,” the blog post reads. “It was also targeting government institutions and think tanks in the United States and the European Union involved in foreign policy.”

“We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information. We have notified Ukraine’s government about the activity we detected and the action we’ve taken,” the document continues.

The tech giant adds that the Strontium attacks are just the tip of the iceberg amid an “onslaught of cyberwarfare that has escalated since the invasion began and has continued relentlessly.”
