Disrupting COLDRIVER: U.S. court orders seizure of domains used in Russian cyberattacks

**Executive Summary:** Microsoft’s Digital Crimes Unit, together with NGO-ISAC and coordinated with the U.S. DOJ, took legal action to seize and dismantle infrastructure used by COLDRIVER (aka STAR BLIZZARD), a Russian FSB-attributed threat actor that ran sophisticated spear-phishing campaigns targeting Russian and Western civil society; the report summarizes the joint investigation by The Citizen Lab and Access Now and includes victim support and security guidance.