Microsoft has taken control of several websites being used by a hacking group funded by the Chinese government to target organizations in 29 countries, including the United States. According to Microsoft’s Digital Crimes Unit (DCU), a federal judge in Virginia granted an order authorizing Microsoft to take control of the websites and divert traffic to Microsoft servers.
According to the company, a state-sponsored hacking organization known as Nickel, or APT15, used these fraudulent websites to acquire intelligence from government institutions, think tanks, and human rights organizations.
Microsoft did not name Nickel’s targets, but the group has claimed to be targeting organizations in the United States and 28 other countries. “There is frequently a correlation between Nickel’s objectives and China’s geopolitical interests,” the company continued.
Microsoft said it observed “highly sophisticated” attacks that installed hard-to-detect malware that facilitates intrusion, surveillance, and data theft. Microsoft has been tracking Nickel since 2016 and previously described it as one of the “most active” hacking groups targeting government agencies.