AGL 38.48 Decreased By ▼ -0.08 (-0.21%)
AIRLINK 203.02 Decreased By ▼ -4.75 (-2.29%)
BOP 10.17 Increased By ▲ 0.11 (1.09%)
CNERGY 6.54 Decreased By ▼ -0.54 (-7.63%)
DCL 9.58 Decreased By ▼ -0.41 (-4.1%)
DFML 40.02 Decreased By ▼ -1.12 (-2.72%)
DGKC 98.08 Decreased By ▼ -5.38 (-5.2%)
FCCL 34.96 Decreased By ▼ -1.39 (-3.82%)
FFBL 86.43 Decreased By ▼ -5.16 (-5.63%)
FFL 13.90 Decreased By ▼ -0.70 (-4.79%)
HUBC 131.57 Decreased By ▼ -7.86 (-5.64%)
HUMNL 14.02 Decreased By ▼ -0.08 (-0.57%)
KEL 5.61 Decreased By ▼ -0.36 (-6.03%)
KOSM 7.27 Decreased By ▼ -0.59 (-7.51%)
MLCF 45.59 Decreased By ▼ -1.69 (-3.57%)
NBP 66.38 Decreased By ▼ -7.38 (-10.01%)
OGDC 220.76 Decreased By ▼ -1.90 (-0.85%)
PAEL 38.48 Increased By ▲ 0.37 (0.97%)
PIBTL 8.91 Decreased By ▼ -0.36 (-3.88%)
PPL 197.88 Decreased By ▼ -7.97 (-3.87%)
PRL 39.03 Decreased By ▼ -0.82 (-2.06%)
PTC 25.47 Decreased By ▼ -1.15 (-4.32%)
SEARL 103.05 Decreased By ▼ -7.19 (-6.52%)
TELE 9.02 Decreased By ▼ -0.21 (-2.28%)
TOMCL 36.41 Decreased By ▼ -1.80 (-4.71%)
TPLP 13.75 Decreased By ▼ -0.02 (-0.15%)
TREET 25.12 Decreased By ▼ -1.33 (-5.03%)
TRG 58.04 Decreased By ▼ -2.50 (-4.13%)
UNITY 33.67 Decreased By ▼ -0.47 (-1.38%)
WTL 1.71 Decreased By ▼ -0.17 (-9.04%)
BR100 11,890 Decreased By -408.8 (-3.32%)
BR30 37,357 Decreased By -1520.9 (-3.91%)
KSE100 111,070 Decreased By -3790.4 (-3.3%)
KSE30 34,909 Decreased By -1287 (-3.56%)

Microsoft said Monday it obtained a court order allowing it to seize web domains used by North Korean hacking groups to launch cyberattacks on human rights activists, researchers and others.

The US technology giant said a federal court allowed it to take control of 50 domains operated by a group dubbed Thallium, which tricked online users by fraudulently using Microsoft brands and trademarks.

"This network was used to target victims and then compromise their online accounts, infect their computers, compromise the security of their networks and steal sensitive information," said Tom Burt, Microsoft's vice president for customer security and trust.

"Based on victim information, the targets included government employees, think tanks, university staff members, members of organizations focused on world peace and human rights, and individuals that work on nuclear proliferation issues. Most targets were based in the US, as well as Japan and South Korea."

Microsoft, which had been investigating the group through its Digital Crimes Unit and Threat Intelligence Center, said the hacking group sent spoofed emails that appeared to come from Microsoft which tricked users into revealing their login credentials, a technique known as spear phishing.

"By gathering information about the targeted individuals from social media, public personnel directories from organizations the individual is involved with and other public sources, Thallium is able to craft a personalized spear-phishing email in a way that gives the email credibility to the target," Burt said.

After getting the victim's credentials, the hackers can access emails, contact lists, calendar appointments and other data and often forwards any new emails to the attackers.

The hackers also used malicious software which can access other data on a victim's computer. An order from a US federal court in Virginia allowed Microsoft to take control of the domains, meaning "the sites can no longer be used to execute attacks," Burt said. Microsoft said this was the fourth nation-state group it has acted against and follows similar moves against operations from China, Russia and Iran, dubbed Barium, Strontium and Phosphorus, respectively.

Copyright Agence France-Presse, 2019

Comments

Comments are closed.