
Microsoft files lawsuit to seize domains used by Russian spooks



The United States District Court for the District of Columbia has today (3 October) unsealed a civil action brought by Microsoft’s Digital Crimes Unit (DCU), including an order allowing it to seize 66 unique domains used by the Russian state threat actor known variously as Star Blizzard, Coldriver and Callisto.

Star Blizzard is alleged to have used these domains to spy on Microsoft customers globally in a lengthy campaign conducted through targeted spear phishing attempts. Victims include multiple civil society individuals and organisations, such as journalists and media outlets, non-governmental organisations (NGOs) and think tanks.

The lawsuit is being filed along with the NGO Information Sharing and Analysis Center in coordination with the US Department of Justice (DOJ), which has itself already seized 41 additional domains attributed to Star Blizzard today. All told, this means more than 100 malicious websites will be taken out, expanding the scope of disruption to Star Blizzard’s activity.

“While we expect Star Blizzard to always be establishing new infrastructure, today’s action impacts their operations at a critical point in time when […] is of utmost concern,” said Microsoft DCU assistant general counsel Steven Masada.

“It will also enable us to quickly disrupt any new infrastructure we identify through an existing court proceeding. Furthermore, through this civil action and discovery, Microsoft’s DCU and Microsoft Threat Intelligence will gather additional valuable intelligence about this actor and the scope of its activities, which we can use to improve the security of our products, share with cross-sector partners to aid them in their own investigations, and identify and assist victims with remediation efforts,” he said.

Described as “relentless” by […], Star Blizzard’s operations date back as far as 2017, although in the past two years the group has greatly expanded its capabilities, which have been deployed against targets not just in the US but across the Nato bloc.

Last year, the UK officially linked Star Blizzard to Russia’s FSB agency and sanctioned two individuals, named as Andrey Stanislavovich Korinets and Ruslan Aleksandrovich Peretyatko, associated with the operation’s work against targets in the UK, which included hack and leak attacks prior to the 2019 general election.

Most famously, as exposed by Computer Weekly investigative reporting, the group also attacked a former head of MI6 and stole and published thousands of emails from a network of hard Brexit supporters, supposedly as revenge for former prime minister Boris Johnson’s support for Ukraine.

Masada said that despite the setbacks and sanctions already imposed on Star Blizzard prior to today, the operation has remained remarkably persistent. Its operatives meticulously study their targets and spoof the identities of trusted contacts to gain their trust and achieve their goals.

It now believes that 82 of its customers have been targeted since January 2023, at a rate of about one attack every week.

“This frequency underscores the group’s diligence in identifying high-value targets, crafting personalised phishing emails, and developing the necessary infrastructure for credential theft. Their victims, often unaware of the malicious intent, unknowingly engage with these messages, leading to the compromise of their credentials. These attacks strain resources, hamper operations and stoke fear in victims – all hindering democratic participation,” said Masada.

An additional challenge in reaching this point has been Star Blizzard’s ability to adapt and obfuscate its activities and identity. It swiftly transitions its infrastructure to new domains whenever exposed, and has been observed doing so again after […] in August 2024 by The Citizen Lab at the University of Toronto’s Munk School, and digital rights body […].

Shared mission

Masada continued: “Today’s action is an example of the impact we can have against cyber crime when we work together. We applaud DOJ for their collaboration in this and other significant matters, and encourage governments globally to engage and embrace industry partners, such as […], in a shared mission of combatting increasingly sophisticated threats operating in cyber space.

“Microsoft’s DCU will continue our efforts to proactively disrupt cyber criminal infrastructure and collaborate with others across the private sector and with civil society, government agencies and law enforcement to fight back against those who seek to cause harm.”

As a best practice, Microsoft is advising all civil society groups to harden their security protections, add multifactor authentication (MFA) on personal and professional email accounts, and enrol in the […] programme, which offers additional, tailored protections.

However, said Redmond, these efforts must be coupled with the application of international norms to limit nation-state-backed cyber attacks, particularly those that target democratic processes.

It pointed out that Star Blizzard, and by extension Russia, is clearly violating the UN Framework for Responsible State Behaviour Online.


