Microsoft seizes 99 Iranian websites used for hacking and cyber attacks

The group used websites and links disguised to look like popular internet sites including Microsoft and its LinkedIn, Outlook and Windows products.

March 29, 2019 11:28

A man holds a laptop computer as cyber code is projected on him. (photo credit: KACPER PEMPEL/REUTERS)



Microsoft says it has seized 99 Iranian websites used to steal confidential information and launch cyber attacks.

In a report by the Associated Press, Microsoft said that it had been tracking and watching the group of hackers for almost six years - since 2013.

The group used websites and links disguised to look like popular internet sites, including Microsoft and its LinkedIn, Outlook and Windows products, to try to steal information from reporters, activists, groups, and political dissidents in the Middle East, including those "protesting oppressive regimes," Microsoft confirmed in a court filing.

The hackers were found to be from Iran but "not specifically to its government," AP reported. Tehran has also denied being involved in hacking-related scandals in the past.

Speaking to AP, Allison Wikoff, a security researcher at Atlanta-based Secureworks, said it is one of the "more active Iranian threat groups" she has observed.

She added that Microsoft's takedown was "a big win" using a practice known as "sinkholing," which involves taking over adversary domains and analyzing their traffic to protect against future attacks.

In the past, Microsoft has taken hackers to court. It used a similar strategy to "sinkholing" in 2016 to seize fake domains created by Russia-backed hackers.
