Microsoft experts said last week that the Russian hacker group APT29 (aka Cozy Bear, Dukes,…
Tom Burt, Microsoft’s vice president of security and customer trust, writes that the hijacked domains were used to “collect data” from government agencies, think tanks and advocacy organizations. This campaign has been running since autumn 2019.
According to the court ruling, the hacker’s domains were redirected “to secure servers by changing the authorized domain name servers to NS104a.microsoftintemetsafety.net and NS104b.microsoftintemetsafety.net.”
The hack group reportedly compromised their victims by hacking into third-party VPN service providers as well as stolen credentials (usually from targeted phishing campaigns).
Of course, the seizure of Nickel’s domains was sanctioned by the court, and this claim has already become 24th on Microsoft’s account. Let me remind you that earlier the company through the courts obtained control over domains belonging to hackers SolarWinds, Iranian APT35, Necurs and Thallium botnets, North Korean hackers and Nigerian BEC scammers.
Let me remind you that we also said that Microsoft gained control over six domains of “Coronavirus” scammers.
Kurlibat.xyz is a site that tries to trick you into clik to its browser notifications…
Initiateintenselyrenewedthe-file.top is a domain that tries to trick you into clik to its browser notifications…
Wotigorn.xyz is a site that tries to force you into subscribing to its browser notifications…
Initiateintenselyprogressivethe-file.top is a domain that tries to force you into clik to its browser notifications…
Nuesobatoxylors.co.in is a domain that tries to trick you into subscribing to its browser notifications…
Helistym.xyz is a site that tries to force you into clik to its browser notifications…