Microsoft accuses North Korean hackers of stealing data
(Baonghean.vn) - Microsoft has accused two hackers with ties to North Korea of targeting data on thousands of employees of universities and government organizations, and warned that attacks could increase ahead of the 2020 US presidential election.
 |
According to Microsoft, two hackers nicknamed “John Doe 1” and “John Doe 2” are operating a network called “Thalliun” to steal sensitive data. The targets are the correspondence of government officials, experts from strategic consulting groups and university experts in the field of nuclear proliferation.
“Thallium” is a network of websites, domains, and computers that hackers use to break into Microsoft user accounts. The way “Thallium” works is by selecting a target who uses Microsoft software and searching for their email address on the internet or social media. The hacker then uses a Hotmail, Gmail, or Yahoo email account to send a warning to that employee that someone is trying to illegally access their account, and advises them to click on an attached link to fix the problem. When the victim clicks on this link, their computer is connected to a website controlled by “Thaillium.”
Once it has control of a victim's account, Thallium will regularly log into the account to review transactional emails, contacts, or any other useful information. Microsoft is now accusing Thallium of computer fraud, privacy violations, and trademark infringement.
Microsoft previously warned more than 10,000 of its customers in Russia and Iran that their databases were being targeted by hackers. Tom Burt, Microsoft's vice president in charge of customer security, said that data theft attacks could increase ahead of the 2020 US presidential election, with the primary target being the candidates' campaigns.