
Microsoft Takes down 50 Domains Used by Thallium Hacking Group

Microsoft recently took down fifty web domains used by a North Korean hacking group it calls Thallium. The takedown happened after the Redmond giant filed a lawsuit against Thallium in the U.S. District Court of Virginia.

Microsoft's Digital Crimes Unit (DCU) and Threat Intelligence Center have been tracking the activities of the group. According to Microsoft, the hackers mainly targeted people in the US, Japan, and South Korea. The targets mainly included government employees and members of organizations focused on human rights and world peace.

Thallium allegedly operated a network of websites and domains to take over people's online accounts. The attackers mainly used spear phishing to compromise user accounts.

To do so, the hacking group gathers information about the target from social media and public profiles. An email that closely resembles an official communication is then sent to the target, redirecting them to fraudulent websites. For instance, take a look at the image below, where Thallium spoofed the sender by using the letters 'r' and 'n' to make it look like 'm' as in 'microsoft.com'.

[Image: Microsoft phishing mail sample. Credits: Microsoft Blog]
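The 'rn'-for-'m' sender spoof described above can be caught on the receiving side by folding lookalike character sequences before comparing the sender domain with the domains an organization actually trusts. The following is an added example, not code from Microsoft or the original article; the `PROTECTED` list, the extra confusable pairs beyond 'rn', and the sample headers are constructed assumptions.

```python
from email.utils import parseaddr

# "rn" -> "m" is the trick shown in the article; the other pairs are
# assumed additions that generalize the same check.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]
PROTECTED = {"microsoft.com", "outlook.com"}  # assumed list of genuine domains


def skeleton(domain: str) -> str:
    """Fold visually confusable sequences so lookalikes collapse together."""
    s = domain.lower().rstrip(".")
    for fake, real in CONFUSABLES:
        s = s.replace(fake, real)
    return s


PROTECTED_SKELETONS = {skeleton(d): d for d in PROTECTED}


def sender_domain(from_header: str) -> str:
    """Extract the domain from a From: header, ignoring the display name."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def lookalike_of(from_header: str):
    """Return the protected domain being imitated, or None."""
    domain = sender_domain(from_header)
    if not domain or domain in PROTECTED:
        return None  # genuine sender or unparseable header
    labels = domain.split(".")
    # Walk every parent suffix so a spoof hidden under a subdomain is caught.
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in PROTECTED:
            return None  # legitimate subdomain of a protected domain
        hit = PROTECTED_SKELETONS.get(skeleton(candidate))
        if hit:
            return hit
    return None


# Constructed sample headers, not taken from real mail.
SAMPLES = [
    '"Microsoft account team" <account-security@rnicrosoft.com>',
    "Alice <alice@mail.microsoft.com>",
    "Bob <bob@modernbank.example>",
]
if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{header!r:65} imitates: {lookalike_of(header)}")
```

A domain such as `modernbank.example` contains 'rn' but is not flagged, because its folded form does not match any protected domain.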

The Thallium group is also known to use popular malware such as "BabyShark" and "KimJongRAT." "Once installed on a victim's computer, this malware exfiltrates data from it, maintains a persistent presence and waits for further instructions," says Tom Burt, Corporate Vice President, Customer Security & Trust at Microsoft.

This approach is not new to Microsoft. The tech giant used the same methodology to take down malicious domains used by Barium, which operated from China, Strontium, which operated from Russia, and Phosphorus, which operated from Iran.

Microsoft recommends enabling two-factor authentication on all personal and business email accounts, learning to spot phishing schemes, enabling security alerts, and checking email forwarding rules to stay safe from such incidents.

Source: https://beebom.com/microsoft-shuts-50-domains-north-korean-hackers/

Posted by: hartmuns1953.blogspot.com
