Microsoft disrupts Russian cyber-attackers targeting Ukraine and the US


Microsoft said this disrupted the actions of a Moscow-linked cyberattack targeting Ukraine, the US and Europe.

According to Microsoft Corporate Vice President Tom Burt, Strontium, which Microsoft associates with Russian military intelligence, was targeting the media and other institutions in Ukraine, as well as government agencies and think tanks from the United States and Europe.

“This week we were able to block some of Strontium’s attacks on targets in Ukraine,” Mr. Burt told Microsoft. blog Thursday. “On Wednesday, April 6, we received a court order that allowed us to take control of the seven internet domains that Strontium used to carry out these attacks. We have since redirected these domains to a Microsoft-controlled sinkhole, allowing us to reduce Strontium’s current use of these domains and We’ve allowed us to enable victim notifications.”

Microsoft previously identified Strontium as responsible for attacks on Democrats surrounding the 2016 election, and Microsoft said Strontium targeted both Republican and Democratic advisors ahead of the 2020 presidential election. Mr. Burt Wrote In September 2020, Strontium targeted more than 200 organizations linked to the upcoming election in a cyber campaign to compromise accounts and gain access for later use in intelligence gathering and disruption.

Mr Burt said Thursday that Microsoft believes the recent actions of Russian hackers seek “long-term access” to systems to provide tactical support to the invasion of Russia, and that the hackers are trying to steal sensitive information.

Microsoft’s latest action comes just after the Justice Department announced on Wednesday that the US government had disrupted “a two-layered global botnet of thousands of infected network hardware devices” under the control of a different cyber attacker called Sandworm, which the US government previously attributed to the Russian. military intelligence

The ministry said the operation authorized by the court was carried out in March. The malware removal operations, known as “Cyclops Blink,” were led by the FBI’s cyber team and offices in Atlanta, Pittsburgh, and Oklahoma City, and prosecutors in Pennsylvania.

In addition to operations linked to Russian military intelligence exposed by Microsoft and the federal government, Meta found on Thursday that hackers with a connection to Belarus had attempted to hack into the Facebook accounts of dozens of Ukrainian military personnel.

Meta said a handful of accounts had posted videos promoting surrender during Russia’s invasion, but the company had stopped the videos from being shared.


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *