Microsoft has blamed a hacking group previously linked to the Russian government and US political hacks for recent cyber attacks that exploited a newly discovered Windows security flaw. The software maker said there had been a small number of attacks using “spear phishing” emails from a hacking group known as Strontium, which is more widely known as “Fancy Bear,”. Microsoft did not identify any victims. Microsoft’s disclosure of the new attacks and the link to Russia came after Washington accused Moscow of launching an unprecedented hacking campaign aimed at disrupting and discrediting the upcoming US election. The US government last month formally blamed the Russian government for the election-season hacks of Democratic Party emails and their subsequent disclosure via WikiLeaks and other entities. Russia has denied those accusations. The group was also said to be responsible for hacking the records of athletes including Laura Trott and Nicola Adams.
Microsoft said a patch to protect Windows users against the newly discovered threat will be released on November 8, which is Election Day. It was not clear whether the Windows vulnerability had been used in any of the recent US political hacks. Representatives of the FBI and the Department of Homeland Security could not immediately be reached for comment.
A US intelligence expert on Russian cyber activity said that Fancy Bear primarily works for or on behalf of the GRU, Russia’s military intelligence agency, which US intelligence officials have concluded were responsible for hacks of Democratic Party databases and emails.