Nuked Microsoft seized seven domains belonging to strontium, also known as apt28, a Russian hacking group with ties to the country’s military intelligence agency. According to Microsoft, Russian spies used these sites to target Ukrainian media outlets, as well as foreign policy think tanks and government institutions.
Microsoft obtained a court order to take control of each domain on April 6th. It then redirected them to a sinkhole or a server used by cybersecurity experts to capture and analyze malicious connections.
‘we believe strontium was attempting to establish long-term access to the systems of its targets,’ said Tom Burt, Microsoft’s corporate vice president of customer security and trust.’we have notified Ukraine’s government about the activity we detected and the action we’ve taken,’ he said.
Fancy bear was linked to cyberattacks on the Democratic National Committee in 2016 and targeted the US election in 2020. The hacking group has a long history of trying to interfere with both Ukraine and the US.
