Microsoft: Fancy Bear targeted European think tanks
In a blog post Tuesday night, Microsoft announced hackers tried to breach accounts belonging to European think tanks late last year. While investigations are underway, Microsoft is "confident" many of the attempts came from the espionage group Fancy Bear, which the United States government has attributed to Russia.
The big picture: Fancy Bear — or as Microsoft calls the group, Strontium — is best known in the United States for hacking the Democratic National Committee and other political targets during the 2016 election. Notably, the German Marshall Fund runs a Russian social media disinformation tracking site known as Hamilton 68.
Details: The European hacking attempts took place between September and December, according to Microsoft.
- The hackers targeted 104 accounts belonging to employees of the German Council on Foreign Relations, as well as the European offices of The Aspen Institute and The German Marshall Fund situated in Belgium, France, Germany, Poland, Romania, and Serbia.
- The hackers attempted to use phishing websites and emails to steal credentials and deliver malware.
- Microsoft says it quickly notified the affected think tanks.
Think tanks are a valuable target for spies because they often have close ties with government officials and behind the scenes data on governance or from the government.