Microsoft seizes 99 websites being leveraged for spear-phishing and hacking assaults

Microsoft is presently positioned to gain hold over an attackers' gang called APT35 or Phosphorus, which was carrying out spear-phishing and hacking assaults on various kinds of organizations and individuals, notably journalists, activists as well as defense organizations.

Specifically, the Digital Crimes Unit (DCU) of Microsoft took control over a total 99 domains with the aim towards halting the hackers' assaults. The hackers identified to be Iranians were using domains namely verification-live.com, yahoo-verify.net and outlook-verify.net within their spear-phishing campaigns.

According to Corporate Vice-President Tom Burt for Client Security and Trust at Microsoft, the Digital Crimes Unit along with MSTIC (Microsoft Threat Intelligence Center) was pursuing Phosphorus starting 2013. The attackers' gang normally operated for acquiring admission into government agencies' and businesses' computer systems for theft of sensitive information. The gang also attacked journalists and activists, in particular, those having association with reporting and supportive activities for matters pertaining to Middle Eastern countries. Further, Burt explains that the action Microsoft carried out past week let the company gain hold over 99 websites while also divert traffic from contaminated systems onto the company's DCU's sinkhole. Duo.com posted this, March 28, 2019.

Meanwhile, Techcrunch notes that Monica Witt an erstwhile intelligence officer of United States Air Force who later turned into a spy apparently maintains touch with the hackers' gang. A fugitive, Witt, who fled to Iran, is on the 'most wanted list' of the FBI being accused of committing espionage. It's alleged about Witt that she handed over to the Iranian hacking gang intelligence info about her ex-colleagues and other U.S officials. The said information is potentially helpful for the hackers to run increasingly personalized spear-phishing attacks vis-à-vis specific persons.

A common attack method that many low-level criminal gangs as well as lone thieves use, spear-phishing is also much preferable to well-funded and sophisticated attackers.

Evidently, United States court granting Microsoft permission for gaining hold over domain names that were being used for phishing attacks is not new. In 2018, according to one injunction by federal court, Microsoft was let towards controlling domains which certain gang of hackers leveraged while they breached the organization's trademarks.

» SPAMfighter News - 4/2/2019