Microsoft Seizes Domains Used To Attack Governments

Microsoft recently announced that it has seized dozens of domains belonging to the Chinese APT group Nickel.

The domains were used to launch attacks against governments and NGOs in countries on three different continents (Europe, the Americas, and the Caribbean). The decision was made after the company obtained permission from a federal court in Virginia to seize websites that the group used to steal data in the United States and other countries.

In explaining how the group works, Microsoft said the attacks involve the deployment of hard-to-detect malware that allows intrusion, surveillance and data theft. The Microsoft Threat Intelligence Centre further revealed that Nickel sometimes compromises VPN providers or gains access to stolen credentials.

In other cases, the group simply compromises unpatched Exchange Server and SharePoint systems. Once they gain access to a network, the attackers look for ways to gain access to higher-value accounts in order to establish a solid network presence.

IT World Canada Staff