Microsoft blocks attacks by Russian hacker group Strontium

Lapsus$: arrestati sette adolescenti legati al gruppo hacker thumbnail

The security team of Microsoft blocked the Russian hacker group Strontium, which was orchestrating an attack on Ukrainian institutions. The Redmond company has blocked seven tomorrows used by hackers, also known as Fancy Bear e APT28.

Microsoft blocks the hackers of the Russian group Strontium against Ukraine

Security experts have repeatedly linked the Strontium group to Glavnoe razvedyvatel’noe upravlenie (GRU), the Russian intelligence service. So Microsoft’s security team knew about the dangers of hackers, which they have been monitoring for some time.

Microsoft has therefore been able to redirect the traffic of Strontium’s domains to its servers, blocking them and stopping attacks aimed at Ukraine. According to Redmond group already in the past “we have taken a similar action 15 times by taking control of over 100 dominthose controlled by Strontium “.

The American company was therefore able to stop the Russian attackers, who were devising new blows to weaken Russian IT infrastructures and make more Ukrainian resistance is complicated.

But the company warns that the danger is far from past. In fact, only a small part of the attacks can be traced back to the Strontium group specifically. A huge number of cyber attacks have hit Ukraine even before the invasion began. By involving critical infrastructures but also by trying to generate confusion and distrust in the population.

The group, also known for infiltrating the Democratic National Committee servers in 2016, was aiming to “foreign policy institutions and think tanks in the United States and Europe“, As well as to Ukraine. This is a sign that the Russian offensive is expanding its range of action. With a possible exclation of the computer conflict at the gates.

We will keep you updated about it.