
Cybercrime: Microsoft disrupts activities of China-based hacking group in 29 countries

*The Microsoft Digital Crimes Unit (DCU) discloses it has disrupted activities of a China-based hacking group, dubbed ‘Nickel’, by successfully seizing a set of Nickel-operated Web sites to protect consumers in the US and 28 other countries of the world

Isola Moses | ConsumerConnect

In regard to the reported China hacking capabilities, the Microsoft Digital Crimes Unit (DCU) has said that it disrupted the activities of a hacking group, dubbed Nickel, by successfully confiscating a set of Nickel-operated Web sites in 29 countries worldwide.

China-based threat actor Nickel, also known as APT15, APT25, and KeChang, reportedly targeted governments, diplomatic entities, and Non-Governmental Organisations (NGOs) across Central and South America, the Caribbean, Europe, and North America.

Following a court order from the US District Court for the Eastern District of Virginia, DCU seized a set of Web sites Nickel was using to attack organisations in the United States and 28 other countries worldwide, an agency report said.

According to Microsoft, the seizure of these sites enabled the global tech giant to cut off Nickel’s access to its victims and prevent the websites from being used to execute attacks.

The company also stated: “We believe these attacks were largely being used for intelligence gathering from government agencies, think tanks, and human rights organisations.”

By obtaining control of the malicious Web sites, Microsoft can redirect traffic from those sites to its own secure servers, which helps the company “protect existing and future victims while learning more about Nickel’s activities.”

However, Microsoft noted, this will not prevent Nickel from continuing other hacking activities.

“But we do believe we have removed a key piece of the infrastructure the group has been relying on for this latest wave of attacks,” Microsoft said.

The Microsoft Threat Intelligence Center (MSTIC) has been tracking Nickel since 2016 and analyzing this specific activity since 2019. While Nickel’s techniques are sophisticated and varied, they nearly always had one goal: to insert hard-to-detect malware that facilitates intrusion, surveillance, and data theft.

Nickel has targeted organisations in both private and public sectors, including diplomatic organisations and ministries of foreign affairs in North America, Central America, South America, the Caribbean, Europe, and Africa.

Microsoft said there is often a correlation between Nickel’s targets and China’s geopolitical interests.

Aside from the United States, the Big Tech company said the countries in which Nickel has been active include Argentina, Barbados, Bosnia and Herzegovina, Brazil, Bulgaria, Chile, Colombia, Croatia, Czech Republic, Dominican Republic and Ecuador.

Others are El Salvador, France, Guatemala, Honduras, Hungary, Italy, Jamaica, Mali, Mexico, Montenegro, Panama, Peru, Portugal, Switzerland, Trinidad and Tobago, the United Kingdom, and Venezuela.
