Microsoft disrupts Bohrium spear-phishing ring by seizing 41 domains

Graham CLULEY

June 09, 2022

An Iranian hacking gang called Bohrium has had its activities disrupted after Microsoft seized control of 41 domains used in spear-phishing attacks.

The hackers are said to have targeted the technology, transport, government and education sectors in the United States, Middle East, and India, and to have often posed as recruiters, targeting victims inside organisations with malicious emails.

Amy Hogan-Burney, the General Manager of Microsoft's Digital Crimes Unit (DCU), explained in a tweet that the Bohrium gang created fake social media profiles in an attempt to make their attacks look more convincing, sending out emails with links that "ultimately infected their target's computers with malware."

In court filings, Microsoft explained that the attacks were designed to exfiltrate sensitive information from compromised computers, seize remote control of hacked PCs, and spy on computer activity.

In an attempt to halt the Bohrium group's activities, Microsoft obtained a court order seizing 41 domains used as command-and-control infrastructure by the gang, including microsoftsync.org.

In its complaint, Microsoft explained that its trademarks had been used without permission in order to trick targeted individuals into handing over their login credentials.

In addition, Microsoft claimed that the Bohrium hackers corrupted "Microsoft's applications on victims' computers and Microsoft's servers, thereby using them to monitor the activities of users and steal information from them."

The full list of seized domains is:


Earlier this month, Microsoft revealed that it had disrupted a malicious campaign operated by Lebanon-based hackers dubbed "Polonium" who had targeted Israeli organisations by abusing OneDrive.
