Microsoft obtains court order to take down domains used to target Ukraine
Microsoft announced that it had obtained a court order to take down seven domains used by APT28, also known as Strontium, a Russian-linked hacking group, to prevent the group’s attacks on Ukraine.
‘We have since re-directed these domains to a sinkhole controlled by Microsoft, enabling us to mitigate Strontium’s current use of these domains and enable victim notifications,’ Tom Burt, Microsoft’s corporate vice president of customer security and trust, said.
The domains were also used in attacks against the US and the EU government institutions and think tanks involved in foreign policy. ‘We believe APT28 was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information,’ Burt added.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.