Microsoft uncovers major EU hacking campaign

Image Credit: Pixabay
(Image credit: Image Credit: TheDigitalArtist / Pixabay)

Microsoft is planning on making its AccountGuard cybersecurity service available to several countries in Europe after it discovered hackers targeting democratic institutions, think tanks and non-profit organizations in the region.

The hacks themselves took place between September and December 2018, targeting employees of the German Council on Foreign Relations as well as the European offices of The Aspen Institute and The German Marshall Fund.

In a blog post, Microsoft revealed that it found out about the hacks from its Threat Intelligence Center and Digital Crimes Unit. In total, the hacks targeted 104 employee accounts in Belgium, France, Germany, Poland, Romania and Serbia.

The attack methods deployed by the hackers were consistent with similar campaigns launched against US-based institutions where attackers utilized malicious URLs and spoofed email addresses to appear legitimate. These spearphishing campaigns were carried out with the intent of gaining employee credentials and delivering malware.

Strontium group

According to Microsoft, many of the attacks originated from a group of hackers called Strontium which is believed to be associated with the Russian government.

The cyber espionage group has also been referred to as APT 28, Fancy Bear, Sofancy and Pawn Storm by other cybersecurity firms and government officials.

To help those affected by the hacks, Microsoft will offer its AccountGuard cybersecurity service to 12 new markets in Europe including Germany, France and Spain.

The service will also be available in Sweden, Denmark, the Netherlands, Finland, Estonia, Latvia, Lithuania, Portugal and Slovakia.

Via Reuters

  • Browse the web securely with the best VPN