Hackers reportedly linked with the Russian government tried to target users by mimicking websites of political organisations in the United States, Microsoft said on Monday. The software company said it had thwarted the attempts by taking control of six fake website domain names.
“Last week, Microsoft’s Digital Crimes Unit successfully executed a court order to disrupt and transfer control of six internet domains created by a group widely associated with the Russian government and known as Strontium, or alternatively Fancy Bear,” the company said in a blog. “We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group.”
To make their attacks look realistic, the attackers use the fake websites to mimic those that their targeted victims would visit or expect to receive email from, the company said.
“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Microsoft said. Mid-term elections are due in the United States in November. Russia is alleged to have interfered in the presidential elections of 2016, which Donald Trump won.
The website domains that Microsoft took control of mimicked Senate websites, the Office 365 website, and the websites of International Republican Institute and Hudson Institute. The International Republican Institute, which promotes democratic principles, has six Republican senators on its board. The Hudson Institute is a conservative group that has hosted discussions on topics including cybersecurity.
According to The New York Times, these organisations were targeted possibly because there were no longer supporters of President Donald Trump, and “are seeking continued sanctions against Moscow, exposing oligarchs or pressing for human rights”.