Microsoft is not the first name you think of when you talk about vigilantism. But a team of Microsoft lawyers is using trademark law to sue Russian hacking group Fancy Bear off the web, for using domain names that infringe its copyright.
In the process, the software giant has gained an insight into how the group - believed to be a front for Russian intelligence - is set up.
The Daily Beast reports that Fancy Bear (aka Pawn Strorm, Stronium and Sofacy) have cybersquatted a bunch of domains that look a lot like a number of big companies - Microsoft being a prime example. They then use them to communicate with malware on infected computers.
Once Microsoft successfully wrestles control of the domains back, they get a view of all the servers controlled by their ursine adversaries.
"In other words," says Microsoft outside counsel Sten Jenson, "any time an infected computer attempts to contact a command-and-control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server."
In total, Redmond has managed to ambulance-chase 70 domains back from Fancy Bear since the initiative began.
This is good news for anyone with any level of power. Fancy Bear is responsible for hacking everyone from NATO, The White House and countless media and military agencies.
It has also been implicated in attacking the campaign if Hillary Clinton last year as part of alleged interference from Russia in the US presidential election. In fact, Fancy Bear was named in US papers before the finger of blame was pointed at Russia itself.
This Friday, a judge in Alexandria, Virgina will hear a Microsoft motion for a final, default judgement with permanent injunction against Fancy Bear.
Among the domains listed are livemicrosoft[.]net, rsshotmail[.]com and actblues[.]com, said to be the source of the hack on Mrs Clinton's office.
It may seem crazy that the biggest weapon against state cyberattack is a lawyer going after cyber squatters. But, remember, even Al Capone went down for tax evasion.
Wikileaks Vault 7 suspect Joshua Schulte fingered by FBI after re-using smartphone passwords on his PCs
Joshua Schulte indicted on 13 counts relating to Vault 7 leaks and trading in images of child abuse
Alexa for Hospitality will link with existing systems so guests can order room service and control the air con
Massive volcanic eruptions could have warmed Mars' surface sufficiently for oceans to form
Examination of fruit flies' brains generated more than one billion data points for scientists to analyse