Slashdot Mirror


Microsoft Takes Control of 99 Domains Operated By Iranian State Hackers (zdnet.com)

An anonymous reader quotes a report from ZDNet: Court documents unsealed today revealed that Microsoft has been waging a secret battle against a group of Iranian government-sponsored hackers. The OS maker sued and won a restraining order that allowed it to take control of 99 web domains that had been previously owned and operated by a group of Iranian hackers known in cyber-security circles as APT35, Phosphorus, Charming Kitten, and the Ajax Security Team. The domains had been used as part of spear-phishing campaigns aimed at users in the US and across the world.

APT35 hackers had registered these domains to incorporate the names of well-known brands, such as Microsoft, Yahoo, and others. The domains were then used to collect login credentials for users the group had tricked into accessing their sites. The tactic is decades old but is still extremely successful at tricking users into unwittingly disclosing usernames and passwords, even today. Some of the domains Microsoft has confiscated include the likes of outlook-verify.net, yahoo-verify.net, verification-live.com, and myaccount-services.net. Microsoft said it received substantial support from the domain registrars, which transferred the domains over to Microsoft as soon as the company obtained a court order.


  1. Act of War by quenda · · Score: 1

    I hope those Iranian hackers were not trying to sabotage American factories.
    Because that would be an illegal act of war, deserving international condemnation and sanctions.

    1. Re:Act of War by Gravis+Zero · · Score: 1

      I hope those Iranian hackers were not trying to sabotage American factories.

      That would be small potatoes and retardedly shortsighted. It's far more likely that they were seeking to get credentials to get deeper access into the workplaces of the targets to copy intellectual property which can cost millions to develop.

      --
      Anons need not reply. Questions end with a question mark.
    2. Re:Act of War by xenobyte · · Score: 1

      I hope those Iranian hackers were not trying to sabotage American factories.

      That would be small potatoes and retardedly shortsighted. It's far more likely that they were seeking to get credentials to get deeper access into the workplaces of the targets to copy intellectual property which can cost millions to develop.

      Or simply gain a foothold inside vital companies, energy distribution and other essential systems. They could then sabotage their operation as an act of (covert) war. This is pretty much SOP for military intelligence services worldwide and "state hackers" is simply another word for "hackers working for the Iranian military intelligence service".

      --
      "For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
    3. Re:Act of War by Gravis+Zero · · Score: 1

      Or simply gain a foothold inside vital companies, energy distribution and other essential systems. They could then sabotage their operation as an act of (covert) war.

      Poppycock! We've already seen a worst case scenario for energy distribution systems play out in the US and military systems were not impacted.

      --
      Anons need not reply. Questions end with a question mark.
    4. Re:Act of War by cyberchondriac · · Score: 1

      Did everyone miss the sarcasm here? I believe he was backhandedly referring to the Stuxnet affair, not that I'm sympathetic.

      --
      Look back up at my post, now look back down, you're on the Internet. Now look back up. I'm a signature.
    5. Re:Act of War by quenda · · Score: 1

      Did everyone miss the sarcasm here? I believe he was backhandedly referring to the Stuxnet affair, not that I'm sympathetic.

      Thanks. Glad somebody is paying attention :-)
      I understand the reasons for Stuxnet, but you have to expect some blowback.

  2. This explains things... by Patent+Lover · · Score: 1

    I was wondering where IranSaysFuckYouAmerica.com went.

  3. Re:Iranians? by ClickOnThis · · Score: 1

    I thought they liked to be called Persians.

    Yes they do. As opposed to Arabs. But they're still Iranians.

    --
    If it weren't for deadlines, nothing would be late.
  4. Please sing all together... by LordHighExecutioner · · Score: 1

    99 domains from Iran on the net
    Take one down and pass it around, 98 domains from Iran on the net.

    98 domains from Iran on the net...