According to a court order, Microsoft Corporation seized more than 50 websites belonging to a North Korean hacking group that targeted government employees, nuclear activists, human rights organizations, universities, and think tanks in order to steal highly sensitive information from computers in the United States.
The tech giant filed a lawsuit in the Federal Court against two unidentified participants in the group, known as Thallium, which it claimed used websites to send phishing messages to break into user accounts and access their information.
The Microsoft Digital Crime Unit was tracking and collecting information about the Thallium group to determine the extent of its network, and found that the group infects computers and threatens network security and steals sensitive information from specifically targeted victims, and according to the Microsoft team, most of the victims were in Japan, South Korea, and the United States of America .
Court documents indicate that Thallium impersonated Microsoft or used its trademarks such as Office 365 to access the accounts, and the judge granted the company a temporary order restraining Thallium from conducting any other piracy against Microsoft customers, and also ordered companies hosting website domains to hand those domains to a giant Software.
This court order is the culmination of Microsoft's ongoing efforts to combat cybercrime from groups that it believes are supported by nation-states, and given that it is a manufacturer of the most popular operating system in the world, the company is widely considered to have a particularly strong insight into how it works Hackers all over the world.
The company had taken similar legal measures against Chinese, Russian, and Iranian piracy groups, and actions against these groups resulted in the removal of hundreds of sites, resulting in the protection of thousands of victims, and the Thallium group uses malware called BabyShark and KimJongRAT when targeting users ’devices to hack into systems and steal data.
Tom Burt, Vice President of Consumer Security and Trust, said in a post: We believe it is important for governments and the private sector to be more transparent about the nation-state activity so that we can all continue to protect the Internet, and we hope that Microsoft's actions increase awareness of similar attacks on companies Other.
"Users can protect themselves from such attacks by activating two-factor authentication of email accounts, enabling security alerts about links from suspicious sources and paying attention to evidence of a possible phishing scheme," he added.
0 Comments