Microsoft seized websites used by Chinese threat group Nickel

January 25, 2022

Microsoft has disrupted a hacking group’s activities after legally seizing malicious websites operated by a Chinese threat group named Nickel.

Nickel was discovered to have targeted multiple firms in 28 countries, including human rights organisations, government agencies, and other intelligence groups. For this reason, Microsoft believed that the Chinese threat group was focused mainly on intelligence gathering.

The Eastern District of Virginia federal court permitted Microsoft to seize Nickel’s websites to disrupt the threat group’s access to its victims. Furthermore, the threat group’s websites will no longer be useful since they have been restricted from all online activities, including cyberattacks.

According to one of the heads of Microsoft, the company has already sent notifications to affected users regarding the attacks conducted by the Chinese threat group. By securing Nickel’s servers, Microsoft believes that it can further protect its present and future customers and learn more about the threat group’s activities.

Microsoft is well aware that its disruption will not stop the Chinese threat group from performing other malicious activities.

Nonetheless, the company is certain that it has removed a vital part of the infrastructure that Nickel depends on in its latest attack activities.

According to previous reports, Microsoft’s Threat Intelligence Centre has been tracking Nickel since 2016 because of its use of malware to hijack the networks of firms and steal their data or spy on them.

The Chinese threat group is also notorious for leveraging VPNs (Virtual Private Networks) and vulnerabilities in Microsoft’s Exchange Server and SharePoint when attacking corporations. Nonetheless, the tech giant explained that its latest investigation into Nickel revealed no new vulnerabilities within Microsoft products.

The tech giant also described Nickel as one of the most active threat groups focused on attacking governments and gathering intelligence. According to data, the Chinese threat group’s attacks have a 90% success rate as they targeted organisations based mainly in Africa, America, Europe, and the Caribbean. Aside from the most targeted countries, researchers also found attack histories against other countries, including Brazil, Switzerland, Italy, the UK, France, and more.

Microsoft’s experts and analysts also linked the targeted organisations in the affected countries to China’s geopolitical interests. They will continuously monitor the Chinese threat group and further improve their security measures, highlighting that they will share their discoveries regardless of where they originated.
