They entered the systems of companies, government agencies and NGOs to block them and steal information
Microsoft has taken down the servers and dismantled the Chinese cybercriminal group Nickel, which had carried out cyberattacks against organizations in 29 countries, including government agencies and human rights organizations.
Microsoft’s Digital Crimes Unit (DCU) has seized the web pages used by Nickel to carry out his cyberattacks, after receiving a request from a district court in the Eastern District of Virginia, in the United States, as Microsoft has reported it’s a statement. By blocking these pages, Microsoft ensures that it has been able to cut off Nickel’s access to its victims, as well as prevent the implicated pages from being used to commit cyberattacks, although this will not prevent the group from continuing to operate in the future.
The American company has explained that Nickel’s attacks were directed against the United States and 28 other countries, including European nations such as France, Portugal, Italy or the United Kingdom, and also multiple Latin American countries such as Argentina, Mexico, Colombia and Brazil. He has also assured that it is a group of cybercriminals sponsored by a State and that its favorite victims are government agencies, think tanks and human rights organizations.
Microsoft had previously analyzed Nickel’s operations since 2016 and had analyzed this specific illegal activity since 2019, which it has defined as a “highly sophisticated attack.”
Cybercriminals used a variety of techniques with the same common goal of inserting hard-to-detect ‘malware’ with which to carry out intrusion, surveillance and data theft tasks. Their attacks could lead to the implication of third parties such as virtual private network (VPN) providers, credential theft or targeted ‘phishing’ attacks, and in some cases included the use of vulnerabilities ‘exploits’ in Exchange Server and SharePoint.
.
#Microsoft #dismantles #Chinese #cybercriminal #group #Nickel #attacked #countries