The U.S. Department of Justice has seized over 100 domains used by Star Blizzard, a hacking group linked to the Russian government.



The U.S. Department of Justice has seized more than 100 domains used by Star Blizzard, a hacking group believed to be linked to the Russian Federal Security Service (FSB), for computer fraud and other illegal activities.

Office of Public Affairs | Justice Department Disrupts Russian Intelligence Spear-Phishing Efforts | United States Department of Justice

https://www.justice.gov/opa/pr/justice-department-disrupts-russian-intelligence-spear-phishing-efforts



Protecting Democratic Institutions from Cyber Threats - Microsoft On the Issues

https://blogs.microsoft.com/on-the-issues/2024/10/03/protecting-democratic-institutions-from-cyber-threats/



US, Microsoft Take Down Websites Used by Hackers Linked to Russian FSB, DOJ Says - Bloomberg

https://www.bloomberg.com/news/articles/2024-10-03/us-takes-down-websites-used-by-hackers-linked-to-fsb-doj-says

The name 'Star Blizzard' follows Microsoft's naming convention for threat actors; 'Blizzard' was assigned because the group is believed to involve the Russian nation-state.

It has been reported that the UK conveyed concerns to the Russian ambassador to the UK in December 2023 that Star Blizzard had launched a cyber attack to interfere in the UK's internal affairs.

British government accuses Russian intelligence hacker 'Star Blizzard' of interfering in domestic affairs through cyber attacks - GIGAZINE



The Department of Justice reported that it had seized 41 domains used for computer fraud and other illegal activities. Microsoft also reportedly seized 66 domains following a civil lawsuit.

'The domain seizure reflects the Department of Justice's cyber strategy in action - using all tools available to disrupt and deter malicious nation-state cyber threat actors,' said Deputy Attorney General Lisa Monaco. 'The Russian government uses legitimate-looking email accounts to deceive victims, obtain account credentials, and steal sensitive information. With the continued support of our private sector partners, we will remain relentless in our efforts to expose Russian threat actors and cybercriminals and take away the tools of their illicit trade.'

According to the investigation, Star Blizzard has been conducting cyber attacks on Microsoft customers using emails containing phishing links, and more than 30 targets, including journalists, think tanks, and NGOs, have been confirmed.

Other targets included US-based companies, former members of intelligence agencies, defense contractors, and employees of the Departments of Defense and Energy.

In addition to Star Blizzard, there are other FSB-linked attack groups that are still active, but it is believed that the seizure of these domains will slow down their attacks.

in Security, Posted by logc_nt