March 25, 2023

Microsoft Digital Crimes Unit (DCU) has identified and blocked a spear-phishing operation of Bohrium linked to an Iranian threat actor targeting customers in the U.S., Middle East, and India.

Microsoft has taken down 41 domains used in this campaign to establish C2 infrastructure that enabled the attackers to deploy malicious tools designed to help them gain access to targets’ devices and exfiltrate stolen information from compromised systems.

Advertisements

Threat actors have been intentionally accessing and sending malicious software, code, and instructions to the protected computers, operating systems, and computers networks of Microsoft and the customers of Microsoft, without authorization, Microsoft said in a statement.

Though the timeline is unknown, the domain taken down by Microsoft were used way back in 2017 for hosting malicious contents.

This action is part of a long series of lawsuits targeting malicious infrastructure used in attacks against Microsoft customers worldwide.

Advertisements

To date, in 24 lawsuits – five against nation-state actors – microsoft has taken down more than 10,000 malicious websites used by cybercriminals and nearly 600 sites used by nation-state actors.

Tags:

Leave a Reply

You may have missed

Github seizes Exposed RSA SSH Key

Github seizes Exposed RSA SSH Key

March 24, 2023
MITRE Risk Model Manager Platform

MITRE Risk Model Manager Platform

March 24, 2023
Pwn2Own Vancouver 2023 -Day 2 Summary

Pwn2Own Vancouver 2023 -Day 2 Summary

March 24, 2023
Pwn2Own Vancouver 2023 -Day 1 Summary

Pwn2Own Vancouver 2023 -Day 1 Summary

March 24, 2023
ServiceNow AI and Security Enhancements in Utah release

ServiceNow AI and Security Enhancements in Utah release

March 24, 2023
LionsGate Exposes User Data

LionsGate Exposes User Data

March 23, 2023
%d bloggers like this: