Microsoft takes control of 50 websites linked to North Korean linked hacking group
6701 Min Read
Microsoft said on Monday it won a court order that allowed the tech giant to take control of 50 websites that a North Korea-linked hacking group was using to carry out cyberattacks.
The move follows similar steps the software company has taken against groups from China, Russia and Iran since the middle of 2018, and marks an escalation in its efforts to defend users of its email service from state-backed attacks, FT reports.
The OS maker said the 50 domains were used to launch cyberattacks by a group the company has been tracking as Thallium (also known as APT37). The group was believed to be operating from North Korea, was using a technique known as spear phishing to trick its victims, Microsoft said in a blog post, said ZdNet.
CNBC adds that by gathering information about individuals through the public domain and social media, the hackers crafted personalized emails that looked credible. Those emails directed users to fraudulent websites where their account login details were compromised, which allowed the attackers to read emails, look at contact lists and access calendar appointments, according to Microsoft.
The group’s targets included government employees, think tanks, university staff and individuals working on nuclear proliferation issues based mostly in the U.S., Japan, and South Korea.
