Following a court order, Microsoft has shut down 6 phishing domains run by cyber-espionage group Strontium/Fancy Bear/APT28 associated with the Russian government. The technology company has used the same approach to shut down 84 fake websites - by the same group, 12 times in 2 years it said in its blog post. The domains were posing as legitimate portals of the US Senate and two conservative US think-thanks. The six domains that Microsoft took down were — - my-iri.org - hudsonorg-my-sharepoint.com - senate.group - adfs-senate.services - adfs-senate.email and - office365-onedrive.com Microsoft adds that "To be clear, we currently have no evidence these domains were used in any successful attacks before the DCU transferred control of them, nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains." Pattern mirrors 2016 election activity: Microsoft Microsoft expressed concern that the attacks were aimed across the political spectrum to target think-thanks, elected officials, and politicians. This, it noted, followed patterns it observed prior to the 2016 US Elections and the 2017 elections in France. Microsoft said that a federal court, which ordered the suspension, concluded that there is “good cause” to believe that Strontium is “likely to continue” its conduct. It assumes on the side of caution that the attacks may broaden further. Russia denies attempted hacking efforts Meanwhile, Russia has denied any knowledge of an attack on US political systems. "From the US, we hear that there was not any meddling in the elections. Whom exactly they…
