Skip to main content

Microsoft says it stopped Russian hackers hitting US conservative group sites

(Image credit: Image Credit: Welcomia / Shutterstock)

Microsoft recently said that it had prevented hackers, with ties to the Russian government, from trying to steal user data from conservative groups promoting democracy and advocating for cybersecurity.

Reuters reports that Microsoft’s Digital Crimes Unit (DCU) disrupted and transferred control of six internet domains that were created by the Strontium group. Some might be more familiar with this group’s other aliases – Fancy Bear or APT28.

That’s the same group that targeted Windows users in November 2016, and that was accused of attacking the German government.

“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Microsoft said.

The group created URLs and websites that look almost identical to three US Senate websites. They also created Office 365 lookalike sites, as well as the sites of the International Republican Institute and the Hudson Institute. This type of attack is known as ‘spear fishing’ where hackers trick victims into trying to log into a fake website, effectively giving away their credentials.

Microsoft also added that it’s not sure if these websites have been successfully used or not.

“To be clear, we currently have no evidence these domains were used in any successful attacks before the DCU transferred control of them, nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains,” Microsoft said on the blog.

Image Credit: Welcomia / Shutterstock

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.