Trending: MacKenzie Bezos, Amazon CEO’s ex-wife, sells $400M in stock after pledge to give away billions
Microsoft’s Digital Crime Unit in Redmond, Wash. (Microsoft Photo /
Benjamin Benschneider)

Microsoft said it got a court order to seize 50 websites used by a hacker group with ties to North Korea that targeted government employees, universities, human rights organizations and nuclear proliferation groups in the U.S., Japan and South Korea.

The group, known as Thallium, uses the network of websites, domains and connected computers to send out “spear phishing” emails. Hackers gather as much information on targets as they can to personalize messages and make them appear legitimate.

When the target clicks on a link in the email, hackers are then able to “compromise their online accounts, infect their computers, compromise the security of their networks and steal sensitive information,” Microsoft wrote in a blog post.

Microsoft showed an example of one of Thallium’s spear phishing messages. It looks very much like a standard notification that comes with signing into a Microsoft account in a new location. One big difference, Microsoft says, is the group combined the letters “r” and “n” in the domain name to look like the first letter “m” in “microsoft.com.”

An example Thallium spear phishing message. (Microsoft Photo)

Microsoft, through its Digital Crimes Unit and Threat Intelligence Center, has positioned itself as an important line of defense against so-called “nation state” hacking organizations. Microsoft has in recent years taken on hacking groups with ties to China, Iran and Russia.

The tech giant uses the information it gathers from tracking these hackers to beef up its security products. Microsoft recommended a number of actions organizations can take to better protect themselves, including enabling two-factor authentication on business and personal email accounts, training people to spot phishing attempts and enabling security alerts about links and files from suspicious websites.

Like what you're reading? Subscribe to GeekWire's free newsletters to catch every headline

Comments

Job Listings on GeekWork

Find more jobs on GeekWork. Employers, post a job here.