Microsoft takes down 50 North Korean hacking sites
Court order gives control of cyberattack domains
Microsoft has successfully launched a court action to take control of fifty domains used for spear phishing attacks.
These attacks apparently came from a hacking group affiliated with North Korea, and collected user account details in order to both steal data as well as upload malware in an attempt to infect IT systems.
- Nearly half of workers have clicked on a phishing email
- Find the best free malware removal software
- Office 365 phishing attacks targets admin accounts
Spear phishing
The phishing emails were targeted at employees of governments, international agencies, as well as university staff, mostly based in the US, Japan, and North Korea. The spoof emails claimed that the user’s account was compromised, advising them to login to change their account details.
Of course, the links went to domain names that attempted to look official in order to record the user account details. Once inputted, hackers could use this login information to access the user’s official account. From there, they would not just access and copy user information, but also install malware in an attempt to infiltrate any IT systems the user had access to.
Additionally, the hackers were able to set up a command to copy any new emails to the user without the user realizing, even when the account password had been changed.
According to Microsoft, the court action allowed Microsoft to take control of the fifty domain names used in the attack.
While presented as a victory against cyberattacks, domain names are cheap and it would be easy for the hacking group to simply copy their phishing attacks onto a new set of domains.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Additionally, users are reminded that in the event of ever receiving an email claiming your account details have been compromise, DON’T click on the links in the email, but instead visit the main website directly in order to avoid what is one of the most common yet easiest to avoid web attacks.
Via ZDnet.
- Worried about malware? Protect yourself with the best antivirus software.
Brian has over 30 years publishing experience as a writer and editor across a range of computing, technology, and marketing titles. He has been interviewed multiple times for the BBC and been a speaker at international conferences. His specialty on techradar is Software as a Service (SaaS) applications, covering everything from office suites to IT service tools. He is also a science fiction and fantasy author, published as Brian G Turner.