Microsoft Disrupts APT28 Hacking Campaign Aimed at US Midterm Elections
By Catalin Cimpanu August 21, 2018 03:43 AM
Intro:

Microsoft revealed last night that it successfully disrupted a hacking campaign associated with the Russian military intelligence service GRU.

The group is known in infosec industry circles as APT28, Fancy Bear, or Strontium, and has been previously linked to cyber-espionage campaigns aimed at numerous governments around the world, including to the hack of the Democratic National Committee ahead of the 2016 US Presidential Election.
Microsoft takes over six APT28 domains

Microsoft President Brad Smith said that Microsoft’s Digital Crimes Unit (DCU) successfully executed a court order to transfer control of six internet domains created by the group. The six domains are:

URLs omitted here, just in case.

The first domain was registered to look like a domain for the International Republican Institute, which promotes democratic principles. The second was registered to mimic the Hudson Institute, an organization known for its discussions on election cybersecurity. The last four were blatant attempts at mimicking domains part of the US Senate’s IT infrastructure. Microsoft said it notified all three organizations.
Microsoft has now taken over 84 APT28 domains

Wish state and local governments would start taking this cyberwar shit seriously.