Microsoft has spotted a new hacking campaign targeting 2018 midterm elections.
The tech giant attributed to Russia-linked APT28 a series of cyber attacks aimed at Members of United States’ Senate, conservative organizations and think tanks.
According to Microsoft, the Russian cyberspies created at least six fake websites related to US Senate and conservative organizations to infect the visitors’ systems.
The remaining websites were designed to mimic two U.S. conservative think tanks:
The fake sites were created over the past several months, hackers registered them with major web-hosting companies.
Microsoft did not provide further details on the attacks.
In July, speaking at the Aspen Security Forum, Microsoft VP Tom Burt announced that the tech company uncovered and stopped attempts to launch spear-phishing attacks on three 2018 congressional candidates.
Microsoft blamed the Russian APT28 group for the attacks.
We “discovered that the [fake domains] were being registered by an activity group that at Microsoft we call Strontium…that’s known as Fancy Bear or APT 28,” Burt explained.
“The consensus of the threat intelligence community right now is [that] we do not see the same level of activity by the Russian activity groups leading into the mid-year elections that we could see when we look back at them at that 2016 elections,”
The discovery made by Microsoft is part of the Microsoft’s Defending Democracy Program launched in April that is focused on four priorities: protecting campaigns from hacking, protecting voting and the electoral process, increasing political advertising transparency, and defending against disinformation campaigns.
Microsoft announced also its initiative AccountGuard that provides the following services to organizational and personal email accounts: