Microsoft takes on another hacking group, this one with links to Iran

The hacking group used spear-phishing attacks launched from web sites made to look like they belong to companies like  Microsoft and Yahoo.

By: DINA BASS
| Updated on: Mar 28 2019, 11:28 IST
The attacks convince users to click on a link containing malicious software or make the user believe their accounts have been compromised.
The attacks convince users to click on a link containing malicious software or make the user believe their accounts have been compromised. (AP)

Microsoft said that it has taken control of 99 web sites used by a malicious group connected to Iranian hackers who attacked targets including government agencies and businesses in order to steal confidential information.

The group, which Microsoft refers to as Phosphorus, but is also known as APT 35, Charming Kitten, and Ajax Security Team, used spear-phishing attacks launched from web sites made to look like they belong to companies like  Microsoft and Yahoo, according to the post.  The attacks convince users to click on a link containing malicious software or make the user believe their accounts have been compromised and then ask them to re-enter security credentials, which are then stolen by the group. 

You may be interested in

MobilesTablets Laptops
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Vivo X100 Pro 5G
  • Asteroid Black
  • 16 GB RAM
  • 512 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

Court documents unsealed Wednesday detail the work Microsoft's Digital Crimes Unit has done to fend off the group, including a case filed in the U.S. District Court for Washington, DC, that resulted in an order last week enabling Microsoft to take control of the sites. Microsoft says it has been tracking this group since 2013 and that it frequently targets government and business entities as well as journalists and advocacy groups that work on Middle East issues. Microsoft's Digital Crimes Unit, and its other security entities, work to derail an array of security threats, including similar action against the group Strontium, linked to the Russian military, and actions to protect elections in the US and Europe. 

Also read
Looking for a smartphone? To check mobile finder click here.

ALSO READ: Facebook removes hundreds of fake accounts linked to Iran

Once it took control of the sites, Microsoft said it redirected traffic to a security repository it runs in order to learn more about the group's activities. That information will be used in Microsoft's security products to better protect customers.

The company also said it has worked closely with other technology companies, especially Yahoo, on this case.  Facebook Inc. said yesterday that it has removed hundreds of pages, groups and accounts connected to Iran for impersonating political groups and media organizations in an attempt to influence political thought in countries around the world.

ALSO READ: Google removes 39 YouTube channels linked to Iranian influence campaign

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 28 Mar, 11:27 IST
NEXT ARTICLE BEGINS