Microsoft seizes 99 Iranian websites used for hacking and cyber attacks

The group used websites and links disguised to look like popular internet sites including Microsoft and its LinkedIn, Outlook and Windows products.

A man holds a laptop computer as cyber code is projected on him (photo credit: KACPER PEMPEL/REUTERS)
Microsoft says it has seized 99 Iranian websites used to steal confidential information and launch cyber attacks.
In a report by the Associated Press, Microsoft said that it had been tracking and watching the group of hackers for almost six years - since 2013.
The group used websites and links disguised to look like popular internet sites, including Microsoft and its LinkedIn, Outlook and Windows products, to try to steal information from reporters, activists, groups, and political dissidents in the Middle East, including those "protesting oppressive regimes," Microsoft confirmed in a court filing.
The hackers were found to be from Iran but "not specifically to its government," AP reported. Tehran has also denied being involved in hacking-related scandals in the past.
Speaking to AP, Allison Wikoff, a security researcher at Atlanta-based Secureworks, said it is one of the “more active Iranian threat groups” she has observed.
She added that Microsoft's takedown was "a big win," using a practice known as “sinkholing,” which involves taking over adversary domains and analyzing their traffic to protect against future attacks.
In the past, Microsoft has taken hackers to court. It used a similar strategy to "sinkholing" in 2016 to seize fake domains created by Russia-backed hackers.