Microsoft seizes 42 websites from a Chinese hacking group

A Virginia federal court granted Microsoft's request to allow its Digital Crimes Unit to take over the US-based websites. PHOTO: REUTERS
Updated
Dec 07, 2021, 07:32 AM
Published
Dec 07, 2021, 06:41 AM

VIRGINIA (NYTIMES) - Microsoft said on Monday (Dec 6) that it had seized 42 websites from a Chinese hacking group in an effort to disrupt the group's intelligence-gathering operations.

The company said in a news release that a federal court in Virginia had granted Microsoft's request to allow its Digital Crimes Unit to take over the US-based websites, which were being run by a hacker group known as Nickel or APT15.

The company is redirecting the websites' traffic to secure Microsoft servers to "help us protect existing and future victims while learning more about Nickel's activities".

Microsoft said it has been tracking Nickel since 2016 and had found that its "highly sophisticated" attacks intended to install unobtrusive malware that allowed for surveillance and data theft.

In this most recent case, Nickel was attacking organisations in 29 different countries and was believed to be using the information it collected "for intelligence gathering from government agencies, think tanks, universities and human rights organisations", Mr Tom Burt, Microsoft's corporate vice-president of customer security and trust, said in the news release.

Microsoft did not name the organisations that had been targeted.

The company said it had not discovered any new vulnerabilities in Microsoft products related to the attacks.

"Our disruption will not prevent Nickel from continuing other hacking activities, but we do believe we have removed a key piece of the infrastructure the group has been relying on for this latest wave of attacks," Mr Burt said.

Microsoft said it had found that the group often targeted regions in which China has a geopolitical interest.

Nickel has targeted diplomatic organisations and foreign affairs ministries in the Western Hemisphere, Europe and Africa, among other groups, the company said.

The company said its Digital Crimes Unit, through 24 lawsuits, had taken down more than 10,000 malicious websites used by cybercriminals and almost 600 used by nation-state actors, and had blocked the registration of 600,000 more.

US cybersecurity agencies have warned that Chinese hacking presents a "major threat" to the United States and its allies.

More On This Topic
FBI chief wants more help from companies to fight 'China-backed' hacking
US to curb hacking tool exports to Russia, China

In July, the Biden administration accused the Chinese government of being responsible for a hacking campaign earlier this year that compromised a Microsoft email service used by some of the world's largest companies and governments.

Some of the European governments that condemned China at the time accused its government of allowing hackers to operate in Chinese territory, but the US and Britain went a step further, saying that the Chinese government was directly responsible.

China's Ministry of State Security "has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain", Secretary of State Antony Blinken said at the time.

Mr Liu Pengyu, a spokesman for the Chinese Embassy, said at the time the accusation was one of many "groundless attacks".

More On This Topic
China-linked hacking group said to access calling records worldwide
China denies Microsoft hack, says US and allies ganging up

Join ST's Telegram channel and get the latest breaking news delivered to you.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top