News

Microsoft acquires 50 domain names from hacker group linked to North Korea

By admin
Spread the love

Microsoft has acquired fifty domain names from hacker group APT37. It is linked to North Korea by security experts. The domains were used to carry out attacks on government employees in America, Japan and South Korea, among others.

Microsoft has sued the group, the company writes in a blog post. This gave Microsoft the right to take over the group’s domain names. These are websites that were used for spearphishing campaigns. The attackers sent targeted emails that appeared to be from Microsoft, for example changing the m to an r and an n. The malware distributed in this way was intended to steal information from the systems. Microsoft says the victims were mostly government officials, university employees, think tanks and human rights groups.

The domains were part of attack campaigns by a group Microsoft calls Thallium. That group is referred to as APT37 by other security experts, and is generally linked to the North Korean regime. The group was discovered by Microsoft’s Digital Crime Unit, and the Microsoft Threat Intelligence Center. The researchers allegedly monitored the groups for months. Microsoft researchers have caught state hackers before. Recently, groups from Russia and Iran were stopped.

You might also like
News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

EU Council determines position on security requirements for digital products

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Citrix warns of critical vulnerability in NetScaler ADC and Gateway

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

Exit mobile version