
Microsoft seizes 42 websites from a Chinese hacking group

December 08, 2021


Microsoft said Monday that it had seized 42 websites from a Chinese hacking group in an effort to disrupt the group's intelligence-gathering operations, reports The New York Times.

The company said in a news release that a federal court in Virginia had granted Microsoft's request to allow its Digital Crimes Unit to take over the US-based websites, which were being run by a hacker group known as Nickel or APT15. The company is redirecting the websites' traffic to secure Microsoft servers to "help us protect existing and future victims while learning more about Nickel's activities."

Microsoft said it had been tracking Nickel since 2016 and had found that its "highly sophisticated" attacks were intended to install unobtrusive malware that allowed for surveillance and data theft.

In this most recent case, Nickel was attacking organisations in 29 countries and was believed to be using the information it collected "for intelligence gathering from government agencies, think tanks, universities and human rights organisations," Tom Burt, Microsoft's corporate vice president of customer security and trust, said in the news release. Microsoft did not name the organisations that had been targeted.

In court documents unsealed Monday, Microsoft provided a detailed explanation of how the hackers targeted users through techniques like compromising third-party virtual private networks and phishing, in which a hacker poses as a trusted entity, often in an attempt to get someone to provide information like a password.

After using those strategies to install malware on a user's computer, the company said, Nickel would connect the computer with the malicious websites that Microsoft has since seized.

