Microsoft disrupts new Russian US election hacking bid


Microsoft has disrupted an attempt by Russian hackers to interfere in the US midterms in accordance with a court order, the company has said.

A number of high-profile conservative groups in the US were being targeted in the run-up to the country’s 2018 midterm elections, said Microsoft.

The company warned it was seeing the same interference attempts ahead of the midterms as it saw during the presidential elections in the US and France.

The court order requested that Microsoft transfer control of six internet domains away from a hacking group which is believed to be tied to the GRU, Russia’s military intelligence agency.

Brad Smith, Microsoft’s president, said the company had now used that approach a dozen times in two years to shut down 84 fake websites associated with the group.

Mr Smith quoted a court order which stated there was “good cause” to believe that the group – known as Fancy Bear, Strontium, and APT 28 – was “likely to continue” its conduct.

:: Naming Russia offers cyber security its #MeToo moment

A man walks past the building of the headquarters of the Russian General Staff's Main Intelligence Department (GRU) in Moscow on December 30, 2016. Russia's foreign ministry has requested President Vladimir Putin turf out 35 American diplomats from the country in a tit-for-tat response to a similar move by Washington over hacking allegations, Moscow's top diplomat said on December 30, 2016. 'Russia's foreign ministry... has requested that the Russian president approve declaring as personae non g
Image: The headquarters of the GRU in Moscow, accused of interference campaigns

The domains spoofed the websites of conservative think tanks including the International Republican Institute and the Hudson Institute.

Microsoft added that there was no evidence that the domains were used in any successful attacks before the company tackled them.

The GRU has been observed using spoofed domains as a platform to send spear-phishing emails from.

These mimic the design of the legitimate sites in order to get the victims’ to click on a link to a page with malware, or to enter their credentials to a page the attackers’ control.

“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Microsoft added.

Earlier this year Facebook also uncovered a “sophisticated” attempt to politically influence the middterms, although this was not tied to Russia.

A dozen members of the GRU who were previously involved in attempts to interfere in the 2016 US election were named in a legal indictment in July.

More from Microsoft

The intelligence operatives are accused of hacking into the the Democratic National Committee (DNC) as well as Hillary Clinton’s presidential campaign through spear-phishing emails.

Moscow has denied that it is attempting to interfere in the midterm elections, according to a diplomatic source cited by the Russian news agency Interfax.

From – SkyNews