Microsoft won the court case that filled in the U.S. District Court for Washington D.C against the APT group 35 also known as Phosphorus and granted an order by the court to take down all the 99 websites.
APT 35 or Charming Kitten is a well-known Iranian cybercrime group that performing the various illegal hacking operation using various domains which was continuously tracking since 2013 by Microsoft Threat Intelligence Center (MSTIC).
All these domains were misused under the names of well-known brands, like Microsoft and other related domain such as outlook-verify.net, yahoo-verify.net, verification-live.com, and myaccount-services.net.
APT 35 mainly used these illegal domains for various sophisticated cyber crimes, and it’s specifically designed to gain access to the computer systems of businesses and government agencies and steal sensitive information.
Now All The 99 Domains are Under Microsoft Control
Microsoft now takes complete control of all the 99 domains that was used for various malicious hacking operations and all these domains traffic has been redirected from infected devices to Microsoft Digital Crime Unit’s sinkhole.
In this case, all the intelligence collected from this sinkhole will be added to MSTIC’s existing knowledge of Phosphorus and shared with Microsoft security products and services to protect customers in the future.
According to Microsoft, “Phosphorus also uses these domains and a technique whereby it sends people an email that makes it seem as if there’s a security risk to their accounts, prompting them to enter their credentials into a web form that enables the group to capture their passwords and gain access to their systems.”
Throughout the course of tracking Phosphorus, we’ve worked closely with a number of other technology companies, including Yahoo, to share threat information and jointly stop attacks. We are grateful for their partnership Microsoft said.
Based Blockchain Network