
Microsoft seeks to subvert Russian hackers in the courtroom

Microsoft is striking out to hinder the hacking efforts of Fancy Bear, a group that is believed to be linked to the Russian government and that U.S. intelligence agencies say is behind attacks on the Democratic National Committee and the Hillary Clinton campaign in the 2016 U.S. elections. As reported by The Daily Beast, Microsoft is going about its efforts in a unique way: taking legal control of Fancy Bear's command-and-control domains.

The Daily Beast reports:

The action, though, is not about dragging the hackers into court. The lawsuit is a tool for Microsoft to target what it calls "the most vulnerable point" in Fancy Bear's espionage operations: the command-and-control servers the hackers use to covertly direct malware on victim computers. These servers can be thought of as the spymasters in Russia's cyber espionage, waiting patiently for contact from their malware agents in the field, then issuing encrypted instructions and accepting stolen documents.

Since the lawsuit was launched last year, Microsoft has managed to seize more than 70 command-and-control domains from Fancy Bear, the report explains. Any time a command-and-control server attempts to connect to a seized domain, it will instead be directed to a Microsoft-controlled server.

The basis of the court filing lies in the names Fancy Bear chooses for its domains, which have historically contained some reference to Microsoft or its products. Some examples cited by the report include "livemicrosoft[.]net" or "rsshotmail[.]com."

Microsoft is actively continuing its efforts to identify and cut off Fancy Bear's access to new domains as they are created. The efforts are already having an effect, as Fancy Bear has started switching to names that are a little more general. Microsoft is planning to ask for a final judgment from the judge presiding over the case on Friday. If a permanent injunction is granted, Microsoft will gain ownership over domains that it has seized.

Dan Thorp-Lancaster is the Editor in Chief for Windows Central. He began working with Windows Central as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl. Got a hot tip? Send it to daniel.thorp-lancaster@futurenet.com.

38 Comments
  • Good! The article mentions the hackers using fake MS files. Not everything is about your precious Troubled Trump.
  • There was NO hacking in the election!!! Just leftist BS!!!!!
  • Both sides are BS
  • How does that Kool-Aid taste, comrade?
  • you tell us, since you're attacking somebody on something you not only can't prove but also that the very people who present you the story call it a "nothing burger" and mock how stupid Americans are
  • Indeed! Yet another fake story created by the MSM!
  • Time had a good article on the documented hacking of the election and it wasn't nearly as alarmist as some media reports have speculated, and certainly does not appear to have affected the outcome. Although, the Time article also mentioned how there was evidence it could have been much worse and there was little the Feds could have done to stop it.
  • there was no hacking, and even if there was there is no way to prove from where - especially with a state actor that is as profound at cyberwarfare as Russia is. Time is a biased propaganda outlet at this point so anything they say with a pound of salt. Not that long ago it came out that US intelligence uses tools to disguise themselves as if that of another nation...given that the tools claimed to be used were out of date and incongruent with current software the Russians use, then it's very hard to believe they were behind it and be sloppy enough to leave a candy trail. It also came out (well documented) that the only party WE KNOW AS A FACT to have compromised elections across several states was the U.S. Department of Homeland Security, to which they tried to dismiss as a "rogue employee". We also know that the Obama administration flip-flopped on the probability of foreign meddling when comparing statements made before any elections and after not getting the results they wanted, but most importantly did try to actually demand federalization of state elections. 2+2+2=??? 
  • LOL Sure there wasn't. How's the weather in Moscow?
  • It's overcast with a light rain. The weather's been not so great this summer. Lots of rain and the highest temp was 25c.
  • Yesterday it was reported that Putin said he's considering being President for life. As a Russian, how do you feel about that? I'm sincerely curious.
  • Ha ha…too funny. You think there was no hacking? I have a lovely beachfront property in Antarctica to sell you.
  • uhh, there are beaches in Antarctica.
  • Yeah but he doesn't know anything. Antarctica is an international space. It was agreed by all nations that none would claim land there and would be for scientific research only. Now if he had any humor at all he would have said that he has a prototype Surface Phone to sell.
  • Hey, if you vote for that orange shitgibbon you would believe anything.....
  • Just make sure it isn't on Australian Antarctic Territory - when the RWNJ's are finished screwing the environment up with their filthy fossil fuels that land will be very valuable if it isn't underwater from melted ice caps.
  • I have oodles of Uranium to sell you, but you must first give 100M USD to the Clinton Foundation.
  • Good job Microsoft. Keep hitting these vermin wherever you can.
  • Killary supporters can't accept the defeat. Yet another FAKE NEWS by the MSM! God Bless America.
  • Says the Trumpster who hates our country's military/intelligence agencies. Move to Russia.
  • False.
  • Trump is a shitstain on the underwear of America!
  • I'll take a stain over a loaded Depends (Hillary) or Huggies (BHO) any day.
  • idiotic sanitation effort on a narrative that was poorly constructed to begin with. You're already misrepresenting facts by saying "intelligence agencies" presume Russia is absolutely behind it - they haven't proven it because they can't and the quote came from a handful of political appointees and not several agencies. The narrative itself was actually never substantiated and there actually is overwhelming physical and circumstantial evidence that points to the "hacks" not being hacks at all, but whistleblowers. On top of that Fancy Bear is a slav faction of Anonymous spanning from Poland, Russia, and the countries in-between. This narrative never had legs to stand on right out of the gate so sad to see Microsoft stoop this low to double-down- especially this late to help prop up the failed story for their fellow travelers when they should do anything they could to stay away as far as possible (aside from the fact they should just stay out of politics in the first place) 
  • False. 17 INTELLIGENCE AGENCIES concluded Russia was behind the hackings. Trump's own kids caught emailing Russian officials for dirt on HRC. Take off the blinders moron.
  • The "17 agencies" was debunked long ago and its own fallacy was corroborated by the very head of those agencies (DNI James Clapper) in recent testimony. Try to actually keep up instead of instantly buying into what you merely read in a headline. The report ONLY REPRESENTED THE OPINIONS OF 3 AGENCIES within a self-admittedly rushed, haphazard investigation expressing the opinions of 3 very politically-appointed characters that historically had no troubles perjuring themselves when required, mind you. James Clapper is the director/figurehead/mouthpiece of those 17 agencies merely speaking for them under his position, and has since danced around his own initial endorsements of aforementioned report. Most of the people that reported that fact to you have since retracted, including the larger purveyors such as the NYT. Remember that when they devote the front page to lie to you, duping you with one secret anonymous source after another with paragraphs of skewed "expert opinions", that the retraction will be a single sentence buried in the least read section of the paper; or if on TV be expressed at 3:30 AM so that it still officially counts
  • That was a lie. It was 3 agencies and they were only "moderately confident" that Russia hacked the election. No proof on the DNC because they won't let anyone look at their servers. Why would that be?
  • https://theforensicator.wordpress.com/ Good research on how it couldn't have been hackers. This and just the fact that the DNC never let the FBI look at their server. How can they say for sure if they didn't see the evidence? You want us to just believe the people who got caught cheating Bernie Sanders to tell the truth? Oh yeah people who cheat always tell the truth. I would expect more from a bunch of tech geeks. It's all too easy to hack and make it look like someone else did it.
  • I know who has Hillary's emails too. The NSA, they have everybody's emails. This whole Russian hacking thing is to get you to not look at the guilty. Why won't the FBI find out what Kim Dotcom knows? He said it was Seth Rich who leaked the DNC emails. WikiLeaks offered a $25,000 reward for information on who killed him. The DNC dedicated a bike rack in his name. Nice huh? The DNC is now being sued over their cheating but you don't hear about that on the news. All we hear is Russia, Russia, Russia. Spend more on the military.
  • Sure Comrade and I suppose Russia has a free and independent media too right? LOL
  • Revenge for Windows OS ban in Russia!?
  • What ban? I live in Moscow and I can tell you there is for sure no ban on Windows OS. In fact all government offices run on Windows, so does the metro. There are also many Windows Phone users here.
  • LOL! The Trumpsters commenting against Microsoft once again proving how they support treason.
  • You don't even know what the word treason means. Do you know what the penalty for treason is? It's death.
  • When Benedict Arnold looks more trustworthy than your president and its staff, you know the word "treason" isn't tossed around lightly.
  • how are we supporting treason and what laws were specifically broken in what happened to the DNC? They are a private organization and not an official wing of the government, first of all. Second of all, should we get into how much selling-out Clinton did to foreign powers, including Russia and China, in exchange for political and "charitable" donations? How about the fact that whether it was Bill Clinton or Ted Kennedy (and then some), that it was progressive democrats that actually had routinely cut deals with Russia for help during presidential runs? Is it treason that the entire progressive Democratic party and half of the GOP are so heavily invested in selling out American sovereignty to internationalism? While on the Clintons, what a small coincidence that then-small fry China suddenly exploded into a global super-power and was constantly given access when not outright stealing military and trade secrets on top of all the enabling done through lop-sided trade treaties and conveniently-timed commodity liquidations that only they were allowed to buy with then-borrowed money. But yeah...ignore all that and keep telling us that the real treason lies(pun?) in semantically broken hacking narratives that have to be tweaked by the day and gems like "Pee-Pee gate" that had to be manufactured due to how little their oppositional research from the DNC itself turned up on Trump. You genuinely never actually wondered why the intelligence superpower of the world along with help from a cadre of other nations, which routinely snap up every piece of communication in the country - if not the planet, still have jack squat this much later and never had anything up until after he became a viable candidate and won?
  • Upon reading this article, Microsoft shareholders must be thinking STFU to their legal department. Thank the Russian hackers instead. MSFT stocks are flying historic highs.
  • I guess sabotaging the Russian hackers makes a change from sabotaging the pitiful remnants of their own phone division.