Microsoft seizes domains used by "highly sophisticated" hackers in China

by Dan Goodin, from Ars Technica - All content

Computer chip with Chinese flag, 3d conceptual illustration. (credit: Steve McDowell / Agefotostock)

Microsoft said it has seized control of servers that a China-based hacking group was using to compromise targets that align with that country's geopolitical interests.

The hacking group, which Microsoft has dubbed Nickel, has been in Microsoft's sights since at least 2016, and the software company has been tracking the now-disrupted intelligence-gathering campaign since 2019. The attacks, against government agencies, think tanks, and human rights organizations in the US and 28 other countries, were "highly sophisticated," Microsoft said, and used a variety of techniques, including exploiting vulnerabilities in software that targets had yet to patch.

Down but not out

Late last week, Microsoft sought a court order to seize websites Nickel was using to compromise targets. The court, the US District Court for the Eastern District of Virginia, granted the motion and unsealed the order on Monday. With control of Nickel's infrastructure, Microsoft will now "sinkhole" the traffic, meaning it is diverted away from Nickel's servers and to Microsoft-operated servers, which can neutralize the threat and allow Microsoft to obtain intelligence about how the group and its software work.
