Microsoft wins a trademark case against Russian hackers, and it’s more useful than you think

Microsoft won a court injunction against the Russian hacking group Fancy Bear this Tuesday, banning the group from hacking Microsoft computers or using Microsoft’s trademarks.

The US District Court for the Eastern District of Virginia permanently enjoined Fancy Bear from sending malicious software or code to infect Microsoft or Microsoft’s customers without authorization.

Of course, telling criminals not to do something illegal would not seem to be the most effective strategy, but the win gives Microsoft unique powers that will let it undermine targeted attacks against the company.

Microsoft can now legally take “command and control” of domains owned by the hackers that are used for malicious attacks, such as microsoftinfo365.com and livemicrosoft.net. Removing these sites, which usually use Microsoft’s branding and trademarks, undermines the hackers’ ability to trick users into revealing their passwords and downloading malicious software onto their computers.

“Granting Microsoft possession of these domains will enable Microsoft to channel all communications to those domains to secure servers, thereby cutting off the means by which the Strontium defendants communicate with the infected computers,” Jason Norton, a threat intelligence manager at Microsoft, wrote in an August 2016 court filing.

“In other words, any time an infected computer attempts to contact a command and control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server. While it is not possible to rule out the possibility that the Strontium defendants could use fallback mechanisms to evade the requested relief, redirecting this core subset of Strontium domains will directly disrupt current Strontium infrastructure, mitigating risk and injury to Microsoft and its customers.”

Microsoft has identified thousand such malicious domains and has so far taken over 70 different command and control points from the hacking group since August.

Fancy Bear, of course, never showed up in court to defend itself, and US District Judge Gerald Bruce Lee’s decision was a default judgement.
