![Microsoft is quietly fighting a clever war against Russian hacking group Fancy Bear Microsoft is quietly fighting a clever war against Russian hacking group Fancy Bear](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7JqLsu2LEREdJBOGDEg3eExWG2YqqMecWBq5uQlF98LIJy1WVcT_D3oGkEWLyc6JbeWY4LRgIMHuAmAwKnD5TuzSi-P1lmXXbfae8pWuahgx2WZdiYyNsjx_x0LeYZ9OrG-Z1E1jvoCc/s320/1500568594822-1.jpg)
While you can’t exactly drag an amorphous, faceless hacking group into court, the lawsuit served one key purpose: it hijacked some of Fancy Bear’s servers. In the last year, Microsoft has taken over at least 70 different Fancy Bear domains, many of which served as “command-and-control” points so the hackers could communicate with the malware they installed on targeted computers.
The Daily Beast details how in 2016, Microsoft’s legal team sued Fancy Bear (also known by many other aliases) for reserving domain names that violated Microsoft trademarks. Apparently, in the course of claiming generic domains for its operations, Fancy Bear often selected domains that riff of of Microsoft products and services, inadvertently opening the door to the lawsuit.
When a domain flips over into Microsoft’s hands, the company can use it to observe and map Fancy Bear’s server network, which communicates with the Microsoft domains. The result is that the company can indirectly disrupt and observe aspects of a suspected foreign intelligence operation — a pretty clever trick for a tech company to pull off in its spare time.
Post a Comment