Slashdot Mirror


Microsoft Launches A Counterattack Against Russia's 'Fancy Bear' Hackers (thedailybeast.com)

Kevin Poulsen writes on the Daily Beast: It turns out Microsoft has something even more formidable than Moscow's malware: Lawyers. Last year attorneys for the software maker quietly sued the hacker group known as Fancy Bear in a federal court outside Washington DC, accusing it of computer intrusion, cybersquatting, and infringing on Microsoft's trademarks... Since August, Microsoft has used the lawsuit to wrest control of 70 different command-and-control points from Fancy Bear... Rather than getting physical custody of the servers, which Fancy Bear rents from data centers around the world, Microsoft has been taking over the Internet domain names that route to them. These are addresses like "livemicrosoft[.]net" or "rsshotmail[.]com" that Fancy Bear registers under aliases for about $10 each. Once under Microsoft's control, the domains get redirected from Russia's servers to the company's, cutting off the hackers from their victims, and giving Microsoft an omniscient view of those servers' network of automated spies. "In other words," Microsoft outside counsel Sten Jenson explained in a court filing last year, "any time an infected computer attempts to contact a command-and-control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server."

3 of 97 comments

  1. Re:If It Weren't For Russia by aliquis · Score: 2, Insightful

    If it weren't for Russia we'd be Germans.
    And it would have been great!

  2. Re:So... by Anonymous Coward · Score: 2, Insightful

    Actually it would be kind of scary to have Dominionist Pence as president. At least Trump is somewhat crippled by his narcissism. Pence might actually be able to rally the crazy religious folks.

  3. "Putin's hackers" by manu0601 · Score: 3, Insightful

    The paper calls the hacker group "Putin's hackers", and many comments here follow the trend. But Microsoft is a bit more prudent, as noted in TFA:

    Microsoft doesn’t name Russia in its suit, instead describing Fancy Bear as a “sophisticated and well-resourced organization” that remains unidentified.

    Indeed the hackers are probably Russians, and they seem to follow our perceived Russian government's interests, but reducing everything to the enemy's leader, who has to be evil, is basic war propaganda. That does not help thinking, and it drives us away from interesting questions: what are Russia's interests? Does Fancy Bear help serve them?