At midnight on Tuesday, Microsoft published a blog post about its “new steps against broadening threats to democracy.”
The post explains that Microsoft detected and shut down some infrastructure allegedly put up by Russian government hackers—those known as Fancy Bear or APT28—to launch phishing attacks against some political nonprofits and think tanks. It’s not clear how, but the company was able to find six domains registered by Fancy Bear. Judging from their names (senate[.]group and office365-onedrive[.]com for example), it figured out that they were created with the goal of deceiving targets into believing these were legitimate Microsoft
This post first appeared on motherboard security news. Read the full article.