Tech

Microsoft discovers fake Russian sites targeting U.S institutions

Microsoft said on Monday night that a group affiliated with the Russian government created phony versions of six websites — including some related to public policy and to the U.S. Senate — with the apparent goal of hacking into the computers of people who were tricked into visiting.

The tech giant said it has disabled the fake sites which were created over the past several months. It said it had found no evidence that the fake sites it recently discovered were used in attacks, but fake sites can carry malware that automatically loads onto the computers of unsuspecting visitors. Hackers often send out deceptive “spear-phishing” emails to trick people into visiting sites that appear to be authentic but in fact allow the attackers to penetrate and gain control of computers that log on, allowing the theft of emails, documents, contact lists and other information.

According to Washington Post, the effort by the notorious APT28 hacking group, which has been publicly linked to a Russian intelligence agency and actively interfered in the 2016 presidential election, underscores the aggressive role Russian operatives are playing ahead of the midterm congressional elections in the United States. U.S. officials have repeatedly warned that the November vote is a major focus for interference efforts.

Microsoft’s Digital Crimes Unit, which is responsible for the company’s response to email phishing schemes, took the lead role in finding and disabling the sites, and the company is launching an effort to provide expanded cybersecurity protection for campaigns and election agencies that use Microsoft products.

Among those targeted were the Hudson Institute, a conservative Washington think tank active in investigations of corruption in Russia, and the International Republican Institute (IRI), a nonprofit group that promotes democracy worldwide. Three other fake sites were crafted to appear as though they were affiliated with the Senate, and one nonpolitical site spoofed Microsoft’s own online products.

“This apparent spear-phishing attempt against the International Republican Institute and other organizations is consistent with the campaign of meddling that the Kremlin has waged against organizations that support democracy and human rights,” said Daniel Twining, IRI’s president, who put blame on Russian President Vladi­mir Putin. “It is clearly designed to sow confusion, conflict and fear among those who criticize Mr. Putin’s authoritarian regime.”

Comments
To Top