Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your application’s future with our API Penetration Test, designed to identify vulnerabilities and protect your data through real-world attack simulations.

        • Network Penetration Testing
        • Boost your network’s security with our Network Penetration Testing service, where we simulate cyber-attacks to uncover vulnerabilities before they can be exploited by malicious actors.

        • Mobile Penetration Testing
        • Identify and address security vulnerabilities in your mobile app through simulated cyber-attacks, ensuring the safety of user data and seamless functionality.

        • Web Penetration Testing
        • Discover and mitigate security risks in your web application through simulated cyber-attacks, fortifying your online presence against potential threats.


        • OTHERS

Microsoft Takes Down APT28 Domains Used in Attacks Against Ukraine

Microsoft Takes Down APT28 Domains Used in Attacks Against Ukraine

Microsoft has successfully disrupted attacks against Ukrainian targets coordinated by the Russian APT28 hacking group after taking down seven domains used as attack infrastructure.

Strontium (also tracked as Fancy Bear or APT28), linked to Russia’s military intelligence service GRU, used these domains to target multiple Ukrainian institutions, including media organizations.

The domains were also used in attacks against US and EU government institutions and think tanks involved in foreign policy.

Also Read: New Licensing Requirements For Cyber-Security Service Providers in 2022

“On Wednesday, April 6th, we obtained a court order authorizing us to take control of seven internet domains Strontium was using to conduct these attacks,” said Tom Burt, Corporate Vice President of Customer Security & Trust at Microsoft.

“We have since re-directed these domains to a sinkhole controlled by Microsoft, enabling us to mitigate Strontium’s current use of these domains and enable victim notifications.

“We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information.”

Microsoft also notified the Ukrainian government about Strontium’s malicious activity and the disruption of efforts to compromise targeted organizations’ networks in Ukraine.

Linked to hacks targeting governments worldwide

Before this, Microsoft filed 15 other cases against this Russian-backed threat group in August 2018, leading to the seizure of 91 malicious domains.

“This disruption is part of an ongoing long-term investment, started in 2016, to take legal and technical action to seize infrastructure being used by Strontium. We have established a legal process that enables us to obtain rapid court decisions for this work,” Burt added.

Also Read: A Closer Look: The Personal Information Protection Law in China

APT28 has been operating since at least 2004 on behalf of Russia’s General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165.

Its operators are linked to cyber-espionage campaigns targeting governments worldwide, including a 2015 hack of the German federal parliament and attacks against the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC) in 2016.

Members of this Russian military hacking unit have been charged by the US for hacking the DNC and the DCCC in 2018, and for targeting and hacking individual members part of the Clinton Campaign.

Two years later, the Council of the European Union announced sanctions against multiple APT28 members for their involvement in the 2015 hack of the German Federal Parliament (Deutscher Bundestag).



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us