Court Order Seizes Websites Used By China-Based Hacking Group, Says Microsoft


“We believe these attacks were widely used for intelligence gathering from government agencies, think tanks and human rights organizations,” wrote Tom Burt, corporate vice president at Microsoft, in a blog post.

Microsoft’s move is part of a larger effort by U.S. tech companies and government agencies to expose sophisticated digital spy campaigns before they do too much damage. In another case, the National Security Agency investigated an ongoing hacking program in which suspected Chinese agents breached several US defense and technology companies.

Microsoft has refused to publicly identify the organizations targeted in the recently exposed hacking campaign. But the tech company said the Chinese hackers tried to collect sensitive data from diplomatic organizations and foreign ministries in North and South America, as well as in Europe and Africa.

In 2017, Chinese hackers breached a UK government contractor seeking information on military technology and stole “sensitive documents” in the process, according to a security firm that responded to the incident. Last year, mobile security firm Lookout linked the hacking group to malware found on Uyghur cellphones. Western governments have accused China of committing genocide against the Uyghurs.

An order from the United States District Court for the Eastern District of Virginia allowed Microsoft to take control of 42 web domains that the hackers were using in an attempt to breach their targets. Traffic from these websites is now routed to computer servers controlled by Microsoft.

This is the latest example of how Microsoft and other powerful tech companies have taken advantage of the fact that foreign spies sometimes use US infrastructure in their hacking efforts. Microsoft says its five lawsuits against hacking groups linked to foreign governments led to the seizure of nearly 600 of the hackers’ websites.

Any setback suffered by the Chinese hacking group or others will likely be temporary, as hackers can find new infrastructure to use. But the purpose of the seizure is to give the potential victims of the hackers time to defend themselves.

