Microsoft stops Russian cyberattacks against Ukraine by seizing domains

Seven internet domains used by Strontium, a Russian state-sponsored hacking group, were seized by Microsoft last week. This is part of a years-long investigation into the Russian hacking group, which has allegedly been carrying out a series of cyberattacks in Ukraine since the Russian-led invasion began nearly two months ago.

Strontium has ties to Russia’s military intelligence unit, GRU, and also goes by the names APT28 and “Fancy Bear”. The group is allegedly responsible for massive cyberattacks such as the infamous DNC hack in 2016 (opens in new tab) and malware attacks in various companies all over the world (opens in new tab).

On a blog post (opens in new tab)Tom Burt, vice president of security and customer trust at Microsoft, explained how and when the company took its action against the hacking group:

“On Wednesday, April 6th, we obtained a court order authorizing us to take control of seven Internet domains that Strontium was using to conduct these attacks. use those domains and enable victim notifications.”

The domains in question were being used to target Ukrainian government institutions and media organizations. Microsoft suspected that Strontium was trying to “establish long-term access to its targets’ systems, provide tactical support for physical intrusion, and exfiltrate sensitive information.”

According to Microsoft, it wasn’t just Ukraine; the hackers targeted US and European government institutions related to foreign policy. Microsoft has been investigating strontium since 2016 and has taken legal action at least 15 times and taken control of more than 100 strontium-controlled domains.

During the Russian invasion, Ukrainian IT and technology workers united online (opens in new tab) to counter the cyber attackers by launching DDOS and phishing attacks on Russian digital infrastructure in the ongoing cyber war.

“Strontium attacks are just a small part of the activity we’ve seen in Ukraine, Burt continues.” which has increased since the beginning of the invasion and has continued relentlessly”.

Leave a Comment