Microsoft seized 7 domains belonging to Strontium, also known as Fancy Bear or APT28, a Russian hacking group with ties to the country’s military intelligence agency, the company announced in a blog post (via TechCrunch). According to Microsoft, Russian spies used these sites to target Ukrainian media outlets, as well as foreign policy think tanks and government institutions located in the US and the European Union.
Microsoft obtained a court order to take control of each domain on April 6th. It then redirected them to a sinkhole, or a server used by cybersecurity experts to capture and analyze malicious connections. The company says it has seized over 100 domains controlled by Fancy Bear prior to this latest takedown.
“We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information,” Tom Burt, Microsoft’s corporate vice president of customer security and trust, said in the post. “We have notified Ukraine’s government about the activity we detected and the action we’ve taken.”
This particular hacking group has a long history of attempting to interfere with both Ukraine and the US. Fancy Bear was linked to cyberattacks on the Democratic National Committee in 2016 and targeted the US election in 2020.
Russia’s invasion of Ukraine has only exacerbated cyberattacks by Fancy Bear and other bad actors. Last month, Google said Fancy Bear and Belarusian hacking group Ghostwriter carried out a phishing attack targeting Ukrainian officials and members of the Polish military. Russian state-sponsored hackers have also been accused of hacking into a European satellite provider at the start of Russia’s invasion of Ukraine, as well as targeting US defense contractors in February. It’s unclear whether Fancy Bear was behind either attack.