Microsoft wins a trademark case against Russian hackers, and it's more useful than you think
2 min. read
Published on
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
Microsoft has won a court injunction against Russian hacking group Fancybear this Tuesday, Â banning them from hacking Microsoft computers or using their trademarks.
The US District Court for the Eastern District of Virginia permanently enjoined Fancy Bears from sending malicious software or code to infect Microsoft or Microsoft’s customers without authorization.
Of course telling criminals that they should not do something illegal would not seem to be the most effective strategy, but the win now gives Microsoft unique powers, which will let them undermine targetted attacks against the company.
Microsoft can now legally take “command and control” of domains owned by the hackers which are used for malicious attacks, such as microsoftinfo365.com and livemicrosoft.net. Removing these sites, which usually use Microsoft’s branding and trademarks, undermines the ability of hackers to trick users into revealing their passwords and download malicious software on their computers.
“Granting Microsoft possession of these domains will enable Microsoft to channel all communications to those domains to secure servers, thereby cutting off the means by which the Strontium defendants communicate with the infected computers,” Jason Norton, a threat intelligence manager at Microsoft, wrote in an August 2016 court filing.
“In other words, any time an infected computer attempts to contact a command and control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server. While it is not possible to rule out the possibility that the Strontium defendants could use fallback mechanisms to evade the requested relief, redirecting this core subset of Strontium domains will directly disrupt current Strontium infrastructure, mitigating risk and injury to Microsoft and its customers.”
Microsoft has identified thousand such malicious domains and has so far taken over  70 different command and control points from the hacking group since August.
Fancybear of course never showed up in court to defend themselves, and US District Judge Gerald Bruce Lee ‘s decision was a default judgement.
User forum
0 messages