Microsoft is taking down suspected Russian hackers using American trademark law, with a year-long legal battle tentatively drawing to a close this week.
Microsoft filed suit against the hackers last year for computer intrusion and infringing on its trademarks. It alleged the John Does responsible, through an operation called “Strontium,” have broken into Microsoft accounts and stolen info from Microsoft customers.
A classic Law & Order legal battle, this is not. The hackers aren’t facing down Microsoft’s lawyers in person — it’s still not known who they are or where they’re operating from. The legal documents describe the defendants as a “sophisticated and well-resourced organization.” According to The Daily Beast, declassified American intelligence alleges the same party to be an arm of Russian military intelligence.
In lieu of facing them in open court, Microsoft is using American trademark law to take control of domains the group uses that incorporate protected keywords, such as livemicrosoft.net and rsshotmail.com. The domains are redirected from the Russian-controlled servers to ones Microsoft owns.
One of Microsoft’s analysts summed up its position in a legal briefing:
Granting Microsoft possession of these domains will enable Microsoft to channel all communications to those domains to secure servers, and thereby cut off the means by which the Strontium defendants communicate with the infected computers … The requested relief will also enable Microsoft to assist its customers who have been compromised by the Strontium defendants.
So far, Microsoft has taken 70 command-and-control points away from the hackers. A judge is due to rule this week on whether to grant Microsoft a permanent injunction against the hackers.