US, Microsoft seize more than 100 websites used by Russian hackers

The US Justice Department and Microsoft said Thursday that they seized 107 internet domains used by hackers linked to Russian intelligence to target US government employees, defense contractors, and civil society organizations.

Federal investigators said hackers associated with an element of Russia’s Federal Security Service (FSB) used 41 domains in a spear phishing campaign targeting US-based companies and current and former employees in the US intelligence community, Pentagon, State Department, and Energy Department as well as US defense contractors, according to court documents unsealed Thursday.

Investigators believe the hackers were seeking to obtain “information of value to the Russian government, especially in its efforts to engage in malign foreign influence operations within the United States,” authorities said.

The Justice Department indicted two Russian intelligence officers last December in connection with the hacking campaign.

A federal court in Washington, D.C., also granted Microsoft permission to seize 66 internet domains used by the same cyberespionage group — known as the “Callisto Group” or “Star Blizzard” — to steal information from journalists, think tanks, and other civil society organizations, the company said.

A lawyer for Microsoft’s Digital Crimes Unit said in a blog post that the group has targeted at least 82 of its customers since January of last year, “a rate of approximately one attack per week.”