Microsoft sued Fancy Bear to gain control of the domains used in the cyber espionage campaigns

  • 21 July 2017

July 21, 2017  By Pierluigi Paganini
 
Microsoft used the lawsuit to disrupt a large number of cyber espionage campaigns conducted by the infamous Fancy Bear APT hacking group
 
We have discussed hacking back several times, and the case we are going to analyze is a good example of an alternative approach to hitting back at an APT group. Microsoft used the lawsuit to disrupt a large number of cyber espionage campaigns conducted by the infamous Fancy Bear APT hacking group (APT28, Sofacy, Sednit, and Pawn Storm). The experts, with the help of the authorities, took over the command and control infrastructure of the group in order to analyze the traffic and the targets of the malware by using the lawsuit as a tool.
 
Full Article.

1 reply

Nice one. Fight them on their own turf. I am all for it. I bet it took them by surprise as criminals usually do not anticipate a level playing field. While Microsoft is not seen by many as the "good guy", this was ingenious and could make other cyber criminals change their strategy. And if they do, someone else will be right behind them now that their methods are understood.
 
Of course, I also doubt that the work of ransomware and infecting PCs are far from over, at least Microsoft has played their hand. Good work Jasper. Nice find.
 
Theresa
