Friday, October 4, 2024
HomeComputer SecurityMicrosoft Now Takes Control of 99 Websites that Used for Hacking Operations...

Microsoft Now Takes Control of 99 Websites that Used for Hacking Operations by APT 35 Hackers

Published on

A result of cyberwar between Microsoft and the APT 35 hackers group, now Microsoft authorized to seize 99 illegal domains that operated by the APT 35 For various illegal hacking operations.

Microsoft won the court case that filled in the U.S. District Court for Washington D.C against the APT group 35 also known as Phosphorus and granted an order by the court to take down all the 99 websites.

APT 35 or Charming Kitten is a well-known Iranian cybercrime group that performing the various illegal hacking operation using various domains which was continuously tracking since 2013 by Microsoft Threat Intelligence Center (MSTIC).

- Advertisement - EHA

Since the court has given the complete permission on last week, Microsoft has taken the complete control of 99 websites the group uses to conduct its hacking operations.

All these domains were misused under the names of well-known brands, like Microsoft and other related domain such as outlook-verify.net, yahoo-verify.net, verification-live.com, and myaccount-services.net.

APT 35 mainly used these illegal domains for various sophisticated cyber crimes, and it’s specifically designed to gain access to the computer systems of businesses and government agencies and steal sensitive information.

Now All The 99 Domains are Under Microsoft Control

Microsoft now takes complete control of all the 99 domains that was used for various malicious hacking operations and all these domains traffic has been redirected from infected devices to Microsoft Digital Crime Unit’s sinkhole.

A sinkhole is basically a way of redirecting malicious Internet traffic so that it can be captured and analyzed by security analysts.

In this case, all the intelligence collected from this sinkhole will be added to MSTIC’s existing knowledge of Phosphorus and shared with Microsoft security products and services to protect customers in the future.

According to Microsoft, “Phosphorus also uses these domains and a technique whereby it sends people an email that makes it seem as if there’s a security risk to their accounts, prompting them to enter their credentials into a web form that enables the group to capture their passwords and gain access to their systems.”

Throughout the course of tracking Phosphorus, we’ve worked closely with a number of other technology companies, including Yahoo, to share threat information and jointly stop attacks. We are grateful for their partnership, Microsoft said.

Learn: A complete Certified Cyber Threat Intelligence Analyst
Online course

Also Read:

Microsoft Released Security Updates that Fixes 64 Vulnerabilities Including 2 Active Zero-day Flaw

Microsoft Advises Users to Stop Using Internet Explorer Browser

For the First Time, Cryptojacking Apps is Found on Microsoft Store

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system...

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce

North Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue...

Russian Hackers Registering Domains Targeting US Tech Brands

Researchers are tracking a Russian threat actor deploying domains involved in crypto scams targeting...

Microsoft Warns Of Vanilla Tempest Hackers Attacking Healthcare Sector

Microsoft has identified a new attack vector employed by the financially motivated threat actor...