Microsoft Takes Down "50 Web Domains" Used by North Korean Hackers Tracked as Thallium, Who Allegedly Stole "Highly Sensitive Information" from Microsoft Users via Spear-Phishing Attacks
The hacking group also used malicious software that can access other data on a victim's computer.
The US tech giant Microsoft said on Monday that a federal court allowed it to take control of 50 domains, accusing a cyber-espionage group with links to North Korean hackers, tracked as "Thallium", of breaking into Microsoft users' accounts and networks via spear-phishing attacks with the end goal of "Stealing Sensitive Information", as shown by a complaint unsealed on December 27.
The company said that it obtained a court order allowing it to seize 50 web domains used by North Korean hacking groups to launch cyberattacks on human rights activists, researchers and others.
The list of the 50 web domains used by Thallium in its attacks and taken down by Microsoft under a court order is available in Appendix A of the complaint.
As stated by Microsoft:
"To manage and direct Thallium, Defendants have established and operated a network of websites, domains, and computers on the Internet, which they use to target their victims, compromise their online accounts, infect their computing devices, compromise the security of their networks, and steal sensitive information from them,"
The hacking group sent "spoofed emails" that appeared to come from Microsoft and tricked users into revealing their login credentials, a method known as a "spear-phishing attack". After obtaining a victim's credentials, the hackers can easily access sensitive information such as emails, contact lists, calendar appointments, and other data, and often even have any new emails forwarded to the attackers.
The hackers also used unreliable websites to trick users into believing they were on legitimate Microsoft websites, and used email attachments to distribute malware.