Microsoft Seizes 42 Websites From a Chinese Hacking Group

Written by admin

Microsoft said Monday it had seized 42 websites belonging to a Chinese hacking group in an attempt to disrupt the group’s intelligence-gathering operations.

The company said in a news release that a federal court in Virginia had granted a request from Microsoft’s Digital Crimes Unit to take possession of the US-based websites, which were run by a hacking group called Nickel, also known as APT15. The company is redirecting the websites’ traffic to secure Microsoft servers “to help us protect existing and future victims while learning more about Nickel’s activities.”

Microsoft said it has been tracking Nickel since 2016 and found that its “sophisticated” attacks were aimed at installing unobtrusive malware that allows surveillance and data theft.

In the most recent case, Nickel was attacking organizations in 29 different countries and was believed to be using the information it collected “to gather intelligence from government agencies, think tanks, universities and human rights organizations,” said Tom Burt, Microsoft’s corporate vice president. Microsoft did not name the targeted organizations.

In court documents unsealed Monday, Microsoft provided detailed explanations of how the hackers targeted users through techniques such as compromising third-party virtual private networks and phishing, in which a hacker poses as a trusted entity, often in an attempt to get someone to provide information such as a password.

After using those techniques to install malware on a user’s computer, the company said, Nickel would connect the computer to the malicious websites that Microsoft has now seized.

The company argues that the process involves hacking into a computer and modifying the Microsoft operating system and sometimes posing as Microsoft, “misusing Microsoft’s trademarks and brands and deceiving users by presenting them with an unofficial, improved version of Windows.”

In its ruling, the court agreed to issue a temporary restraining order against the hackers and to redirect the websites registered in Virginia to Microsoft.

“If the defendants are not barred by this court order and not ordered to do so, there is good reason to believe that the defendants’ ongoing violations will cause immediate and irreparable harm,” the court wrote in its ruling.

Microsoft said it did not find any new vulnerabilities in its products related to the attacks.

“Our disruption will not prevent Nickel from continuing other hacking activities, but we believe we have removed a significant portion of the infrastructure that the group relies on for this latest wave of attacks,” Mr Burt said.

Microsoft says the group often targets regions where China has geopolitical interests. Nickel has targeted political organizations and ministries of foreign affairs in the Western Hemisphere, Europe and Africa, among other groups, the company said.

The company says its Digital Crimes Unit, through 24 cases, has removed more than 10,000 malicious websites used by cybercriminals and nearly 600 websites used by nation-state actors, and blocked more than 600,000 registrations.

John Hammond, a researcher at cybersecurity company Huntress Labs, said Microsoft’s move against websites was a good example of “active protection against cybercrime”.

“Microsoft’s action is a great example of that preconceived notion before the risky artists suffer further damage,” Mr Hammond said.

U.S. cybersecurity agencies have warned that Chinese hacking poses a “major threat” to the United States and its allies.

In July, the Biden administration accused the Chinese government of being responsible for a hacking campaign earlier this year that compromised the Microsoft email service used by some of the world’s largest companies and governments.

At the time, some European governments that condemned China accused it of allowing hackers to operate within its borders, but the United States and Britain went a step further, saying the Chinese government was directly responsible.

China’s state security ministry has “developed an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain,” Secretary of State Antony J. Blinken said at the time.

Liu Pengyu, a spokesman for the Chinese embassy, said at the time that the allegations were “one of a number of baseless attacks.”
