HomeWinBuzzer NewsMicrosoft Wins Court Approval to Combat Fancybear Hackers

Microsoft Wins Court Approval to Combat Fancybear Hackers

Microsoft has won the right to prevent Fancybear hackers from using malicious domains with the company’s name. The trademark victory means Microsoft can take over these domains and delete them.

-

has won a potentially landmark case against a Russia-based hacking group. A court injunction against Fancybear stops the group from Microsoft or using the company's trademarks.

The case was before the U.S. District Court of Virginia, which ruled Fancybear can no longer send malicious content to Microsoft. Hackers from the group are also banned from sending infections to Microsoft customers.

As you may suspect, there is nothing US law can do to stop Fancybear. The hackers could still continue to attack Microsoft and its customers. So, perhaps the ruling is pointless? Not quite, the result is not completely without merit as it gives Microsoft some power to stop attacks from Fancybear.

Because of this decision, Redmond can take domains owned by the group. These domains are used to target malicious content, but Microsoft will now be able to control them. The company will remove these domains, which usually include Microsoft trademarks, such as microsoftinfo365.com.

Trademark Victory

So, in reality, the court ruling was a trademark case, but it could show a way for companies to take control over sites used by hackers.

“Granting Microsoft possession of these domains will enable Microsoft to channel all communications to those domains to secure servers, thereby cutting off the means by which the Strontium defendants communicate with the infected computers,” Jason Norton, a threat intelligence manager at Microsoft, wrote when the filing was made last year.

“In other words, any time an infected computer attempts to contact a command and control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server.

While it is not possible to rule out the possibility that the Strontium defendants could use fallback mechanisms to evade the requested relief, redirecting this core subset of Strontium domains will directly disrupt current Strontium infrastructure, mitigating risk and injury to Microsoft and its customers.”

Microsoft says there are over a thousand malicious domains used by Fancybear. Since the ruling, the company has already taken control of 70 of those domains and will continue to do so. As expected, Fancybear did not participate in the case and the court decision was by default.

SourceMSPU
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News