Microsoft Goes After Fancy Bear

Microsoft, in its continued effort to protect its users from hackers, cyber criminals and state-sponsored groups, has taken a new approach. It is using the court system to take over the cybercriminals servers.

One of its targets is the Russian hacking group Fancy Bear. With the help of the legal system, Microsoft has hijacked some 70 of its servers.

Microsoft sued Fancy Bear in federal court for computer intrusion, cybersquatting, and reserving several domain names that violate Microsoft's trademarks.

Microsofts suit was an appeal to the court to gain the ownership of Fancy Bear domains, many of which used Microsoft look alike names. Those domains act as command-and-control servers for various malware distributed by the group.

Microsoft has not yet gained complete ownership of those domains, however, the court did issue an order to domain name registrars to change the DNS of those domains to re-direct them back to Microsoft servers.

Microsoft created sinkhole domains to monitor the hackers traffic and has identified potential victims, which they have alerted.

Source: The Hacker News