Microsoft Captures the Websites used by Iranian Hackers

The 99 Websites which were said to be used by Iranian hackers for stealing sensitive information from US targets have now been under Microsoft's control.

This lets the tech giant stop any future cyber attacks and also check how previously infected computers were compromised.

The hackers “specifically directed” their attacks on people in Washington, Microsoft said in the filing. The hacking group typically has targeted the personal email accounts of people working in both the public and private sectors, including dissidents and workers in government agencies, Microsoft said in court documents.

Among the targeted, users from the Treasury Department and similar agencies were found to be more.

The Treasury Department, which did not immediately respond to a request for comment, oversees economic sanctions against Iran. Microsoft sued the hackers in the United States District Court in Washington and asked to gain control of the sites, saying the hackers had harmed its brand and the value of its trademarks by impersonating its products to trick victims. On March 15, Judge Amy Berman Jackson granted a temporary restraining order that let Microsoft take over the websites.

Microsoft said the hacking group, which it calls Phosphorus but is also known as APT 35 and Charming Kitten had been linked to Iran. The group uses a technique known as spear phishing, sending an email and social media links to victims while imitating the personas of people or institutions they may know. That either prompts the users to click on links that install malware that lets the hacker's spy on the victims’ computers or prompts the victims to enter their login credentials, which the hackers then later use to log in to official systems.