What is Fancy Bear Hacker Group?
Fancy Bear Hacker Group (also known as APT28, Pawn Storm, Sofacy Group, Sednit and Strontium) is a cyber espionage group.
The cybersecurity firm CrowdStrike has said with a medium level of confidence that the group is associated with the Russian military intelligence agency GRU. Security firms SecureWorks, ThreatConnect, FireEye and Mandiant have also said the group is sponsored by the Russian government.
The name “Fancy Bear” does not come from the hacker group itself; it comes from a coding system that security researcher Dmitri Alperovitch uses to identify hackers.
What could be the best way to take over and disrupt cyber espionage campaigns?
Probably not. At least not when it is Microsoft, which is constantly trying to protect its users from hackers, cyber criminals, and government-sponsored groups.
It has now been revealed that Microsoft took a different approach to disrupting a large number of cyber espionage campaigns carried out by the Fancy Bear hacker group, using a lawsuit as a tool: the technology company cleverly took control of some of the group's servers with the help of the law.
Microsoft used its legal team last year to sue Fancy Bear in a federal court in Washington, accusing the group of computer intrusions, cybersquatting and reserving several domain names that infringe on Microsoft trademarks, according to a detailed report published by The Daily Beast.
Fancy Bear is a sophisticated hacking group that has been in operation since at least 2007 and has also been accused of attacking the Democratic National Committee (DNC) and the Clinton campaign in an attempt to influence the United States presidential election.
The group is believed to be associated with the GRU, the secret military intelligence agency, but Microsoft has not mentioned any connection between Fancy Bear Hacker Group and the Russian government in its lawsuit.
Instead of registering generic domains for its cyber espionage operations, Fancy Bear has often chosen domain names that look like Microsoft products and services, such as livemicrosoft[.]net and rsshotmail[.]com, to carry out its hacking and cyber espionage campaigns.
This inadvertently gave Microsoft the opportunity to drag the hacking group, with its “unknown members,” into a court of law.
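A defender can look for the same naming pattern in their own DNS logs. The following is an added example, not code from the report or from Microsoft: it flags query names that embed a Microsoft brand token outside the brand's own domains and lists the clients that resolved them. The token list, the allowlist and the log lines are constructed assumptions.

```python
from collections import defaultdict

# Assumed for illustration: brand tokens and the brand's genuine registrable
# domains. Neither list comes from the article or from Microsoft.
BRAND_TOKENS = ("microsoft", "hotmail")
LEGITIMATE = {"microsoft.com", "hotmail.com"}

# Constructed resolver log: timestamp, client IP, query type, query name.
SAMPLE_LOG = """\
2024-01-01T10:01:02Z 10.0.0.5 A login.microsoft.com
2024-01-01T10:01:09Z 10.0.0.7 A livemicrosoft.net
2024-01-01T10:02:40Z 10.0.0.9 A rsshotmail.com
2024-01-01T10:03:11Z 10.0.0.7 A LiveMicrosoft.net.
2024-01-01T10:04:00Z 10.0.0.5 A example.org
truncated record
""".splitlines()


def normalise(name):
    """Lower-case, drop the trailing dot, and undo '[.]' defanging."""
    return name.replace("[.]", ".").replace(" ", "").lower().strip(".")


def registrable(name):
    """Last two labels. Simplified: ignores multi-label suffixes such as co.uk."""
    return ".".join(normalise(name).split(".")[-2:])


def is_lookalike(name):
    """Brand token present, but the registrable domain is not the brand's own."""
    if registrable(name) in LEGITIMATE:
        return False
    return any(token in normalise(name) for token in BRAND_TOKENS)


def clients_by_lookalike(lines):
    """Map each lookalike domain queried to the sorted clients that asked for it."""
    hits = defaultdict(set)
    for line in lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed records
        _ts, client, _qtype, qname = fields
        if is_lookalike(qname):
            hits[normalise(qname)].add(client)
    return {domain: sorted(clients) for domain, clients in hits.items()}


if __name__ == "__main__":
    for domain, clients in clients_by_lookalike(SAMPLE_LOG).items():
        print(domain, clients)
```

Substring matching of this kind produces false positives on unrelated names, so hits are leads for review rather than verdicts.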
Microsoft Sinkholed Fancy Bear Domains
The purpose of the lawsuit was not to bring the criminal group into court; instead, Microsoft appealed to the court to gain ownership of Fancy Bear's domains, many of which act as command-and-control servers for various types of malware distributed by the group.
“These servers can be considered the spy chiefs in Russia's computer spying, patiently waiting for contact from their malware agents in the field, issuing encrypted instructions and accepting stolen documents,” the report said.
Although Microsoft has not yet obtained full ownership of these domains, the judge last year signed an order to domain name registrars “forcing them to tamper” with the DNS of at least 70 Fancy Bear domains and point them at Microsoft servers.
Ultimately, Microsoft used the lawsuit as a tool to create sinkhole domains, allowing the company's Digital Crimes Unit to actively monitor the malware infrastructure and identify potential victims.
“By analyzing traffic to its sinkhole, security experts at the company have identified 122 new victims of cyber espionage, which advises Internet service providers,” the report said.
Microsoft has petitioned for, and is still awaiting, a final default judgment against Fancy Bear, for which a hearing was set for Friday in a Virginia court.