Amazon today said it disrupted an intel-gathering attempt by Russia's APT29 to trick Microsoft users into unwittingly granting the Kremlin-backed cyberspies access to their accounts and data.
APT29, also known as Cozy Bear and Midnight Blizzard, is probably best known for the 2020 SolarWinds hack, and has been widely linked to Russia's Foreign Intelligence Service (SVR) by the US, UK, and other governments and security researchers. And this particular bear has developed a taste for Microsoft data and user credentials over the years.
In its most recent watering hole campaign, the attackers compromised legitimate websites and injected malicious JavaScript code that redirected about 10 percent of visitors to actor-controlled domains.
The domains included findcloudflare[.]com and cloudflar