Microsoft seizes control of websites used by China-backed hackers
<blockquote data-quote="Carly Page" data-source="post: 2791"><p><a href="https://techcrunch.com/tag/microsoft/" target="_blank">Microsoft</a> has seized control of a number of websites that were being used by a Chinese-government backed hacking group to target organizations in 29 countries, including the U.S.</p><p></p><p>Microsoft’s Digital Crimes Unit (DCI) <a href="https://blogs.microsoft.com/on-the-issues/2021/12/06/cyberattacks-nickel-dcu-china/" target="_blank">said on Monday</a> that a federal court in Virginia had granted an order allowing the company to take control of the websites and redirect the traffic to Microsoft servers. These malicious websites were being used by a state-sponsored hacking group known as Nickel, or APT15, to gather intelligence from government agencies, think tanks and human rights organizations, according to the company.</p><p></p><p>Microsoft didn’t name Nickel’s targets, but said the group was targeting organizations in the U.S. and 28 other countries. It added that “there is often a correlation between Nickel’s targets and China’s geopolitical interests.”</p><p></p><p></p><p>Microsoft, which has been tracking Nickel since 2016 and <a href="https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi" target="_blank">previously described</a> it as one of the “most active” hacking groups targeting government agencies, said it observed “highly sophisticated” attacks that installed hard-to-detect malware that facilitates intrusion, <a href="https://techcrunch.com/tag/surveillance/" target="_blank">surveillance</a> and data theft. In some cases, Nickel’s attacks used compromised third-party virtual private network (VPN) suppliers and credentials obtained from <a href="https://techcrunch.com/tag/phone-spear-phishing/" target="_blank">spear-phishing</a> campaigns, according to Microsoft, and in others, vulnerabilities in Microsoft’s own Exchange Server and SharePoint system were used to infiltrate companies. 
However, Microsoft noted that it has “not observed any new vulnerabilities in Microsoft products as part of these attacks.”</p><p></p><p>“Obtaining control of the malicious websites and redirecting traffic from those sites to Microsoft’s secure servers will help us protect existing and future victims while learning more about Nickel’s activities,” wrote Tom Burt, Microsoft’s corporate vice president for customer security and trust. “Our disruption will not prevent Nickel from continuing other hacking activities, but we do believe we have removed a key piece of the infrastructure the group has been relying on for this latest wave of attacks.”</p><p></p><p>In addition to the U.S., Nickel also targeted organizations in Argentina, Barbados, Bosnia and Herzegovina, Brazil, Bulgaria, Chile, Colombia, Croatia, Czech Republic, Dominican Republic, Ecuador, El Salvador, France, Guatemala, Honduras, Hungary, Italy, Jamaica, Mali, Mexico, Montenegro, Panama, Peru, Portugal, Switzerland, Trinidad and Tobago, the United Kingdom and Venezuela.</p><p></p><p>Microsoft said its Digital Crimes Unit, through 24 lawsuits, had taken down more than 10,000 malicious websites used by cybercriminals and almost 600 used by nation-state actors. Earlier this year, <a href="https://techcrunch.com/2020/07/07/microsoft-domains-covid-19-attacks/" target="_blank">the team took control of malicious web domains used in a large-scale cyberattack</a> that targeted victims in 62 countries with spoofed emails.</p></blockquote><p></p>