US says it disrupted Russian efforts to hack government agencies

Deputy Attorney-General Lisa Monaco said the scheme was run by the Russian government to steal Americans’ sensitive information.

PHOTO: AFP

The US has seized 41 internet domains used by Russian intelligence agents and their proxies to hack into government agencies, including the Pentagon and State Department, the Justice Department (DOJ) said on Oct 3.

The department in a statement said it had acted concurrently with a Microsoft effort to take down 66 internet domains used by the same actors.

The seized domains were used by hackers linked to a unit of the Russian Federal Security Service (FSB).

“The Russian government ran this scheme to steal Americans’ sensitive information, using seemingly legitimate e-mail accounts to trick victims into revealing account credentials,” said Deputy Attorney-General Lisa Monaco.

The hackers had used the domains in a spear-phishing campaign aimed at getting access to information from US companies, former employees of the US intelligence community, former and current Department of Defence and State Department employees, US military defence contractors and staff at the Department of Energy, the DOJ said.

The seized domains were used by hackers belonging to the Callisto Group and its partners, which the DOJ described as a unit within the FSB.

The group, also known as Cold River or Star Blizzard, first appeared on the radar of intelligence professionals after it targeted Britain’s foreign office in 2016.

The Russian embassy did not immediately respond to a request for comment.

In December 2023, the DOJ announced charges against two hackers affiliated with Cold River for a campaign to hack into computer networks in the US, Britain, other Nato members and Ukraine. REUTERS
