Microsoft and the DOJ intercept this Russian hacking group’s spear phishing campaign

A Russian-backed hacking group, known as Star Blizzard, has been attempting to infiltrate the systems of Western think tanks, journalists, and former military and intelligence officials. The group uses spear phishing tactics, sending emails that appear to come from trusted sources, to gain access to internal systems and steal information. Microsoft and US authorities have been tracking the group's activities since 2017 and have observed dozens of hacking attempts targeting 30 different groups since January 2023. Star Blizzard's actions are persistent and sophisticated, with the group conducting detailed research on its targets before launching an attack. The group has also targeted civil society groups, US companies, American military contractors, and the Department of Energy. A US court has unsealed documents authorizing Microsoft and the Department of Justice to seize over 100 website domain names associated with Star Blizzard. The group has been linked to Russia's Federal Security Service and has been accused of mounting a years-long cyberespionage campaign against UK lawmakers. US authorities have charged two Russian men in connection with Star Blizzard's past actions, although they are believed to be in Russia. The group's ability to adapt and obfuscate its identity presents a continuing challenge for cybersecurity professionals. Authorities expect Russia to continue deploying hacking and cyberattacks against the US and its allies.