Microsoft says it disrupted attempted hacks by Russian spies on Ukraine, US

US tech giant Microsoft said it had neutralised hacking attempts by Russians who tried to intrude into Ukrainian, European Union and American targets.

Microsoft said the attacks were done by a group it calls “Strontium”. “This week, we were able to disrupt some of Strontium’s attacks on targets in Ukraine,” the company said in a blogpost.

“Strontium was using this infrastructure to target Ukrainian institutions including media organisations. It was also targeting government institutions and think tanks in the US and the European Union involved in foreign policy,” said the company.

Ukraine has been pounded with attacks since Russia invaded the country in February.

Microsoft said it is taking legal and technical action to gain control over the domains controlled by Strontium. It had received a court order the enables it to gain back seven domains on April 6.

“We have since re-directed these domains to a sinkhole controlled by Microsoft, enabling us to mitigate Strontium’s current use of these domains and enable victim notifications,” it said.

Microsoft said it believes that Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information.

“We have notified Ukraine’s government about the activity we detected and the action we’ve taken,” it said.