Microsoft claims to have successfully thwarted the hacking of targets in Ukraine, the European Union and America by Russian military spies.
In its official blog post, Microsoft called the hacker Strontium and used seven different domains as an attempt to spy on government agencies in the European Union and the United States, including various institutions in Ukraine.
Strontium is the nickname given by Microsoft to a hacker gang that is actually more famous as Fancy Bear or APT28, a hacker gang that is said to have ties to the Russian military intelligence agency.
"We recently discovered an attack targeting a Ukrainian entity from Strontium, a Russian actor (hacker) connected to the GRU (Russian intelligence agency) that we have been monitoring for years," Microsoft wrote in its official blog post as seen on Saturday (Saturday). 8/4/2022).
"This week we succeeded in thwarting a number of Strontium attacks that attacked targets in Ukraine. On Wednesday (6/4) we received court permission to take over seven internet domains used by Strontium for this attack," added the company from Redmond, Washington.
With the acquisition of the domain, Microsoft can point the domain to a 'dunk hole' controlled by Microsoft, which allows them to mitigate and monitor Strontium's use of this domain, as well as alerting victims of previous attacks.
Strontium is said to have used this domain to attack various institutions in Ukraine, including media companies. They also attacked government institutions and think tanks in the United States and the European Union.
Microsoft claims to have been monitoring the movement of Strontium since 2016, including taking various legal and technical steps to seize the infrastructure used by Strontium.