Illustration by Alex Castro / The Verge
Microsoft seized seven domains belonging to Strontium, also known as Fancy Bear or APT28, a Russian hacking group with ties to the country’s military intelligence agency, the company announced in a blog post (via TechCrunch). According to Microsoft, Russian spies used these sites to target Ukrainian media outlets, as well as foreign policy think tanks and government institutions located in the US and the European Union.
Microsoft obtained a court order to take control of each domain on April 6th. It then redirected them to a sinkhole, or a server used by cybersecurity experts to capture and analyze malicious connections. The company says it has seized over 100 domains controlled by Fancy Bear before this most recent takedown.