Microsoft seized Seven Domains belonging to Strontium, also known as Fancy Bear or APT28, a Russian Hacking Group with ties to the Country’s Military Intelligence Agency, the company announced in a Blog Post via TechCrunch.
According to Microsoft, Russian Spies used these Sites to target Ukrainian Media Outlets, as well as Foreign Policy Think Tanks, and Government Institutions, located in the U.S. and the European Union (EU).
Microsoft obtained a Court Order to take Control of each Domain on April 6th. It then Redirected them to a Sinkhole, or a Server used by Cybersecurity Experts, to Capture and Analyze Malicious connections. The company says it has seized over 100 Domains controlled by Fancy Bear, before this most recent takedown.
“We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information,” Tom Burt, Microsoft’s Corporate Vice President of Customer Security and Trust, said in the post. “We have notified Ukraine’s government about the activity we detected and the action we’ve taken.”
This particular Hacking group has a Long History of attempting to Interfere with both Ukraine and the U.S. Fancy Bear was linked to Cyberattacks on the Democratic National Committee (DNC) in 2016, and targeted the U.S. Election in 2020.
Russia’s Invasion of Ukraine, has only exacerbated Cyberattacks by Fancy Bear and other Bad actors.
Last month, Google said Fancy Bear and Belarusian Hacking group, Ghostwriter, carried out a Phishing Attack targeting Ukrainian Officials and Members of the Polish Military.
Russian State-sponsored Hackers have also been Accused of Hacking into a European Satellite Service, at the start of Russia’s Invasion of Ukraine, as well as targeting U.S. Defense Contractors in February. It’s unclear whether Fancy Bear was behind either Attack.
NYC Wins When Everyone Can Vote! Michael H. Drucker
No comments:
Post a Comment