Fifty websites have been taken over from a North Korean hacking group by Microsoft. The websites were being used to carry out cyberattacks. This important information came to us from CNBC in their article, “Microsoft says North Korea-based hackers were stealing sensitive information.”
The group is called Thallium and was using a technique known as spear phishing to trick its victims. Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer.
In this case, they gathered information about individuals through the public domain and social media, then crafted personalized emails that looked credible. Those emails directed users to fraudulent websites where their account login details were compromised, which allowed the attackers to read emails, look at contact lists and access calendar appointments.
The group’s targets included government employees, think tanks, university staff and individuals working on nuclear proliferation issues, mostly based in the United States, Japan, and South Korea.
Melody K. Smith
Sponsored by Data Harmony, a unit of Access Innovations, the world leader in indexing and making content findable.