Pelican Press
Posted October 3, 2024

Microsoft files lawsuit to seize domains used by Russian spooks

The United States District Court for the District of Columbia has today (3 October) unsealed a civil action brought by [hidden content] (DCU), including an order allowing it to seize 66 unique domains used by the Russian state threat actor known variously as Star Blizzard, Coldriver and Callisto.

Star Blizzard is alleged to have used these domains to spy on [hidden content] customers globally in a lengthy campaign conducted through targeted spear phishing attempts. Victims include multiple civil society individuals and organisations, such as journalists and media outlets, non-governmental organisations (NGOs) and think tanks.

The lawsuit is being filed along with the NGO Information Sharing and Analysis Center ([hidden content]) in coordination with the US Department of Justice (DOJ), which has itself already seized 41 additional domains attributed to Star Blizzard today. All told, this means more than 100 malicious websites will be taken out, expanding the scope of disruption to Star Blizzard’s activity.

“While we expect Star Blizzard to always be establishing new infrastructure, today’s action impacts their operations at a critical point in time when [hidden content] is of utmost concern,” said [hidden content] DCU assistant general counsel Steven Masada. “It will also enable us to quickly disrupt any new infrastructure we identify through an existing court proceeding.
Furthermore, through this civil action and discovery, [hidden content]’s DCU and [hidden content] Threat Intelligence will gather additional valuable intelligence about this actor and the scope of its activities, which we can use to improve the security of our products, share with cross-sector partners to aid them in their own investigations, and identify and assist victims with remediation efforts,” he said.

Described as “relentless” by [hidden content], Star Blizzard’s operations date back as far as 2017, although in the past two years the group has greatly expanded its capabilities, which have been deployed against targets not just in the US but across the Nato bloc.

Last year, the *** officially linked Star Blizzard to Russia’s FSB agency and sanctioned two individuals, named as Andrey Stanislavovich Korinets and Ruslan Aleksandrovich Peretyatko, associated with the operation’s work against targets in the ***, which included hack and ***** attacks prior to the 2019 general election.

Most famously, as exposed by Computer Weekly investigative reporting, the group also attacked a former head of MI6 and stole and published thousands of emails from a network of hard Brexit supporters, supposedly as revenge for former prime minister Boris Johnson’s support for Ukraine.

Masada said that despite the setbacks and sanctions already imposed on Star Blizzard prior to today, the operation has remained remarkably persistent. Its operatives meticulously study their targets and spoof the identities of trusted contacts to gain their trust and achieve their goals. It now believes that 82 of its customers have been targeted since January 2023, at a rate of about one ******* every week.
“This frequency underscores the group’s diligence in identifying high-value targets, crafting personalised phishing emails, and developing the necessary infrastructure for credential theft. Their victims, often unaware of the malicious intent, unknowingly engage with these messages, leading to the compromise of their credentials. These attacks strain resources, hamper operations and stoke ***** in victims – all hindering democratic participation,” said Masada.

An additional challenge in reaching this point has been Star Blizzard’s ability to adapt and obfuscate its activities and identity. It swiftly transitions its infrastructure to new domains whenever exposed, and has been observed doing so again after [hidden content] in August 2024 by The Citizen Lab at the University of Toronto’s Munk School, and digital rights body [hidden content].

Shared mission

Masada continued: “Today’s action is an example of the impact we can have against cyber ****** when we work together. We applaud DOJ for their collaboration in this and other significant matters, and encourage governments globally to engage and embrace industry partners, such as [hidden content], in a shared mission of combatting increasingly sophisticated threats operating in cyber space.
“[hidden content]’s DCU will continue our efforts to proactively disrupt cyber ********* infrastructure and collaborate with others across the private sector and with civil society, government agencies and law enforcement to ****** back against those who seek to cause harm.”

As a best practice, [hidden content] is advising all civil society groups to harden their security protections, add multifactor authentication (MFA) on personal and professional email accounts, and enrol in the [hidden content] programme, which offers additional, tailored protections.

However, said Redmond, these efforts must be coupled with the application of international norms to limit nation-state-backed cyber attacks, particularly those that target democratic processes. It pointed out that Star Blizzard, and by extension Russia, is clearly violating the UN Framework for Responsible State Behaviour Online.