NEW DELHI: Microsoft announced on Monday that it had thwarted the espionage efforts of a state-backed Chinese hacking group by seizing over 42 websites that allegedly gathered intelligence from foreign ministries, think tanks, and human rights organisations in 29 different countries, including the United States.
Multiple reports on Monday stated that the tech giant had sought permission from a federal court in Virginia to seize at least 42 web domains linked to a renowned Chinese hacking gang known as Nickel, or by other aliases such as APT15 and Vixen Panda.
The sites served China’s geopolitical goals, and Microsoft’s Digital Crimes Unit struck them down, redirecting associated traffic to safeguard the servers. According to Microsoft, the action “aided us in protecting current and prospective victims while learning more about Nickel’s actions.”
While the Chinese hacking base targeted both the private and public sectors, Microsoft apparently revealed that its own servers were protected and that the company had discovered no vulnerabilities in Microsoft products that were linked to the malicious websites. Nickel has been tracked by Microsoft Threat Intelligence Center (MSTIC) since 2016 and data on its activity has been collected since 2019.
Meanwhile, Microsoft’s corporate vice president, Tom Burt, stated in a blog post, “Obtaining control of the malicious websites and transferring traffic from those sites to Microsoft’s safe servers will help us protect existing and future victims while learning more about Nickel’s operations.”
“Our disruption will not preclude Nickel from continuing other cyber activities, but we believe we have eliminated a crucial piece of infrastructure the gang has been relying on for this new wave of attacks,” he added.
So far, Microsoft has taken down over 10,000 harmful websites used by cybercriminals and almost 600 sites used by nation-state actors in 24 lawsuits, five of which were filed against nation-state actors.
“We have also successfully stopped the registration of 600,000 sites to get ahead of criminal actors who planned to use them maliciously in the future,” the tech behemoth said.
Nickel malware was found using exploits against unpatched on-premises Exchange Server and SharePoint systems in some cases.
“However, as a result of these attacks, we have not discovered any new vulnerabilities in Microsoft products. Microsoft has developed unique signatures to detect and guard against known Nickel activity in our security solutions, including Microsoft 365 Defender.” The business made this observation.
A Chinese national and Deputy Division Director of the Sixth Bureau of Jiangsu Province’s [Ministry of State Security] was convicted earlier this month by a federal jury in the United States of conspiring to and attempting to commit economic espionage and trade secret theft.
Yanjun Xu, 41, became the first Chinese intelligence officer to be extradited and face trial in the United States in an espionage case.
The US Department of Justice found the Chinese intelligence operative “guilty on all counts” for illegally using numerous aliases dating back to 2013 to steal the trade secrets of prominent US aviation companies, according to a news release quoting federal court documents.