Jump to content
  • Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers

    aum

    • 459 views
    • 2 minutes
     Share


    • 459 views
    • 2 minutes

    Microsoft's Digital Crimes Unit (DCU) last week disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium in connection with a spear-phishing operation.


    The adversarial collective is said to have targeted entities in tech, transportation, government, and education sectors located in the U.S., Middle East, and India.


    "Bohrium actors create fake social media profiles, often posing as recruiters," Amy Hogan-Burney of the DCU said in a tweet. "Once personal information was obtained from the victims, Bohrium sent malicious emails with links that ultimately infected their target's computers with malware."


    According to an ex parte order shared by the tech giant, the goal of the intrusions was to steal and exfiltrate sensitive information, take control over the infected machines, and carry out remote reconnaissance.


    To halt the malicious activities of Bohrium, Microsoft said it took down 41 ".com," ".info," ".live," ".me," ".net," ".org," and ".xyz" domains that were used as command-and-control infrastructure to facilitate the spear-phishing campaign.


    The disclosure comes as Microsoft revealed that it identified and disabled malicious OneDrive activity perpetrated by a previously undocumented threat actor codenamed Polonium since February 2022.


    The incidents, which involved the use of OneDrive as command-and-control, were part of a larger wave of attacks the hacking group launched against over 20 organizations based in Israel and Lebanon.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...