Microsoft Takes Control Of Fifty Domains Operated North Korean Hackers

Microsoft takes down 50 domains used by North Korean hacking groups
Share It On:

Friday, January 3, 2019

Microsoft, a company that most of us know for its Operating systems, has recently taken control of domains used by Thallium, a hacking group from North Korea. The officials from Microsoft stated that the hackers used the 50 fields to initiate phishing attacks on internet users all over the world. Thallium’s major targets have been countries like South Korea, Japan, and the United States.

Microsoft filed a lawsuit against the hacking group in the U.S. District Court stating the pieces of evidence it had of the attacks attempted by them. The U.S. District Court for the Eastern District of Virginia ordered the company to take full control of all the 50 domains that were being misused by Thallium. The domains are currently under Microsoft’s control and hence don’t pose any cyber-threat.

The Digital Crimes Unit at Microsoft along with the Microsoft Threat Intelligence Center, MSTIC reported to have tracked Thallium for several months and collected the cyber-crime pieces of evidence. Microsoft mentioned that Thallium was using these domains to send phishing emails that contained a malicious link to trick the users to click and enter their details which would be stored in the hacker’s database. This method of cyber-attack is more commonly known as spear-phishing. The main motive of the group was to install malware, Remote Access Trojans(RATs) like Baby Shark and KimJongRAT that would allow them to gain remote access to execute commands on the user’s devices.

Microsoft has taken over such cyber-crimes in the past too, out of which the seize of 99 domains operated by an Iran based group named Phosphorus took place recently in May of 2019. Prior to this, the company also took hold of 84 domains of a Russian Cyber-crime group referred to as Strontium in August 2018.

Tech-giants like Microsoft are constantly working to keep the internet safe from cyber-threats lurking in our emails and webpages we visit.


Share It On:

Recent Posts

Vivo Y19s Launched in Nepal: Stylish Design, 50MP Camera, and Long-Lasting Battery at an Affordable Price

Vivo Y19s Launched in Nepal: Stylish Design, 50MP Camera, and

Share It On:10th November 2024, Kathmandu vivo, a world-renowned technology brand, today announced the launch of its latest masterpiece in

Inter-Bank Futsal Tournament Nepal 2024: Global IME Bank Shines as Champion

Inter-Bank Futsal Tournament Nepal 2024: Global IME Bank Shines as

Share It On:10th November 2024, Kathmandu Global IME Bank showcased their football prowess by clinching the title in the first-ever

NRB Intensifies Liquidity Control Measures: Drains Additional NPR 50 Billion

NRB Intensifies Liquidity Control Measures: Drains Additional NPR 50 Billion

Share It On:10th November 2024, Kathmandu Nepal Rastra Bank (NRB) will withdraw NPR 50 billion from the banking system today

Nepal’s Sluggish Credit Growth: Interest Rate Cuts Fail to Stimulate

Nepal’s Sluggish Credit Growth: Interest Rate Cuts Fail to Stimulate

Share It On:10th November 2024, Kathmandu The ongoing economic slowdown has impacted the investment in loans, directly affecting interest rates.

CIB Alerts Bank Customers of Increased Cyber Threats and Fraud Risks

CIB Alerts Bank Customers of Increased Cyber Threats and Fraud

Share It On:10th November 2024, Kathmandu The Central Investigation Bureau (CIB) of Nepal Police has issued a warning to the

Dynamic Technosoft Wins ASOCIO EdTech Award 2024: A Milestone For Nepal’s IT Industry

Dynamic Technosoft Wins ASOCIO EdTech Award 2024: A Milestone For

Share It On:10th November 2024, Kathmandu In a monumental achievement for Nepal’s tech sector, Dynamic Technosoft Pvt. Ltd., a leading