SEIZED DOMAIN

The Department of Justice (DOJ) on Tuesday announced that the U.S. has obtained court orders to seize control of two online domains used by suspected Russian hackers to send malicious emails to organizations posing as the U.S. Agency for International Development (USAID).

The domains were seized following Microsoft’s announcement last week that what it assessed to be Russian hackers had accessed an email marketing program used by USAID to target hundreds of groups with malicious emails.

Microsoft assessed that the hackers were the same group behind the SolarWinds incident, which allowed Russian government-backed hackers to compromise nine federal agencies and at least 100 private sector groups for most of a year.

Following the new incident, court orders were issued in the Eastern District of Virginia allowing the DOJ to seize command and control and malware distribution domains used as part of this effort in order to protect other organizations from being targeted and to identify the hackers.