Seven internet domains used by Strontium, a Russian state-sponsored hacking group, were seized by Microsoft last week. This has been part of a years-long investigation into the Russian hacker group, which has allegedly been conducting a series of cyberattacks on Ukraine since the Russian-led invasion started nearly two months ago. Strontium has ties to Russia’s military intelligence unit, GRU, and has also gone by the names APT28 and “Fancy Bear.” The group is reportedly responsible for massive cyberattacks such as the infamous DNC hack in 2016(opens in new tab) and malware attacks on numerous businesses worldwide(opens in new tab). In a blog post(opens in new tab), Tom Burt, VP of customer security and trust at Microsoft, broke down how and when the company made its move against the hacker group. “On Wednesday, April 6th, we obtained a court order authorizing us to take control of seven internet domains Strontium was using to conduct these attacks. We have since re-directed these domains to a sinkhole controlled by Microsoft, enabling us to mitigate Strontium’s current use of these domains and enable victim notifications.”
Read more : Microsoft disrupts Russian cyberattacks targeting Ukraine by seizing domains.