You are here: Home » International » News » Companies
Business Standard

Microsoft using lawyers to tackle top Russian hacking group

Microsoft has used the lawsuit to wrest control of 70 different command-and-control points

IANS  |  San Francisco 

Photo: Shutterstock

US Tech giant is going after a Russian hacking group believed to be connected to the country's intelligence agency GRU and behind several high-profile cyber attacks including on the and the Hillary campaign.

According to a report in The Daily Beast late on Friday, was using lawyers to take on the hacker group known as Fancy Bear -- accusing it of computer intrusion, cybersquatting and infringing on Microsoft's trademarks.

"The action, though, is not about dragging the into court. The lawsuit is a tool for to target what it calls 'the most vulnerable point' in Fancy Bear's espionage operations: the command-and-control servers the use to covertly direct malware on victim computers," the report added.

So far, Microsoft has used the lawsuit to wrest control of 70 different command-and-control points from Fancy Bear.

Microsoft has "identified over 120 new targets of the Kremlin's cyber spying and control-alt-deleting segments of Russian President Vladimir Putin's hacking apparatus, the report added.

Microsoft's approach is indirect, but effective, it said.

"Rather than getting physical custody of the servers, which Fancy Bear rents from data centres around the world, Microsoft has been taking over the Internet domain names that route to them," the report noted.

These are addresses like "livemicrosoft[.]net" or "rsshotmail[.]com" that Fancy Bear registers for about $10 each.

"Once under Microsoft's control, the domains get redirected from Russia's servers to the company's, cutting off the from their victims, and giving Microsoft a omniscient view of that servers' network of automated spies, the report said.

A judge in Alexandria, Virginia is scheduled to rule whether to grant Microsoft a permanent injunction against Fancy Bear.

Fancy Bear, also known as 'APT28', 'Sofacy', 'Pawn Storm' and 'Strontium' has been conducting cyber attacks since 2007.

According to the US intelligence findings, Fancy Bear targeted the Democratic National Committee (DNC) and the campaign as part of Moscow's efforts to help Donald Trump win the 2016 election.

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

First Published: Tue, July 25 2017. 02:51 IST