Microsoft’s Digital Crimes Unit (DCU) has seized a website used by China-based cyber-espionage hacking teams to launch cyber attacks on government agencies, think tanks, and human rights groups in about 29 countries, including the United States.
The hacking group, which Microsoft calls Nickel, is also known as APT15, Vixen Panda, KE3CHANG, Royal APT, and Playful Dragon.
The disruption of the threat group’s infrastructure was brought about by a court order granted to Microsoft by the United States District Court for the Eastern District of Virginia and opened today.
“By gaining control of malicious websites and redirecting traffic from those sites to Microsoft’s secure servers, we can protect existing and future victims while learning more about Nickel’s activities,” Tom Burt, Vice President of Customer Security and Trust, said in today’s news. “Our turmoil does not prevent Nickel from continuing other hacking activities, but we believe it has removed an important part of the infrastructure that the group relied on for this latest wave of attacks.”
Microsoft’s Threat Intelligence Center has been monitoring Nickel since 2016 and has been investigating the group’s cyber-espionage campaigns through this infrastructure since 2019. The attacker targeted unpatched Exchange Server and SharePoint systems.
Microsoft seizes malicious websites used by prolific Chinese APT groups: https://www.darkreading.com/threat-intelligence/microsoft-seizes