Fighting the Bear: Microsoft takes on Russian hackers with clever tactics

During the 2016 elections in the United States, a lot of delicate information was being leaked out of the Democratic party; these leaks were being perpetrated by WikiLeaks and a Russian hacking group called Fancy Bear. Even though WikiLeaks has given us a glimpse into the underground world of politics over the years; the latter have used nefarious means to trick users into giving access to sensitive information. This was then used to blackmail or damage the reputation of specific individuals in the public eye.

The hacking group, which has used Microsoft trademarked names like Hotmail and others to redirect potential traffic to its sites, have come under fire from the technology firm. Although Microsoft hasn't taken them on directly, it has used the legal system and clever tactics to wrestle control back of domain names like rsshotmail.com for instance. These are then updated to direct to the company's own websites, weakening the reach of the group.

The hackers have depended heavily on Microsoft's intellectual property to trick users on the internet to download their malware in the past, giving Microsoft legal precedent. Fancy Bear has used third party servers to host these domains, so Microsoft had to come up with alternative methods of taking the fight to the hacking group. So far it has worked according to Microsoft.

Instead of contacting the hacking group with stolen documents through one of the domain names, it redirects to Microsoft instead, as the company's outside counsel explained:

“In other words, any time an infected computer attempts to contact a command-and-control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server.”

The hacking group, which has committed cyber espionage since 2007 under several aliases; have breached NATO and the White House, amongst other government and private organizations around the world. Even though finding the perpetrators and bringing them to justice can be difficult, Microsoft seems to have used the criminal's own tactics against them, which might be a more effective strategy in the long run.

Source: The Daily Beast

Report a problem with article
Previous Story

Microsoft releases AI risk detection and security tool for Windows and Linux developers

Next Story

This Weekend's PC Game Deals: The return of the deals with Humble Bundles galore

19 Comments - Add comment

Advertisement