Microsoft has announced that it attempted to disrupt the cyber-attacks against Ukraine launched by the Russian government by seizing several domains used by a well-known state-sponsored threat group. There will be the seizure of seven domains belonging to the Strontium, APT28, Fancy Bear, Pawn Storm, Sednit, and Tsar Team groups.
The cyberespionage group, which is affiliated with Russia’s GRU military intelligence service, has conducted operations against a variety of organizations worldwide in recent years. On April 6, the tech giant obtained a court order authorizing it to sinkhole the domains, which were allegedly used to target Ukrainian media and other organizations.
The company also said that government institutions and think tanks in the United States and the European Union — particularly those involved in foreign policy — were targeted.