Microsoft's Digital Crimes Unit (DCU) has confirmed that a North Korean hacking group, code-named Thallium by Microsoft researchers, is targeting the Windows systems of well-known figures, including university staff, political think tanks, those operating nuclear grids, and activists working for world peace and human rights.
Microsoft's DCU says the ongoing threat comes from an advanced persistent threat (APT) hacking group known as APT37, which has only been seen targeting Windows machines operating in the United States, Japan, and North Korea.
Tom Burt, Microsoft's Corporate Vice President of Customer Security and Trust, confirmed the news in a statement released on the official blog on December 30, 2019.
Burt added that Thallium engages in multiple hacking activities, including targeting user credentials, implanting malware in computer networks to steal and exfiltrate data, and encrypting files on the victim's computer with ransomware or lying dormant in the background until the group issues further instructions.
The good news is that Microsoft has taken control of over 50 domains that Thallium used to conduct malicious cyber operations and has permanently neutralized them. A report on the issue was submitted to the US district court last week, which specified that Thallium victimized thousands of people through spear-phishing attacks.
Microsoft’s Tom Burt stated that more work has to be done, such as running awareness campaigns on what has been done so far to tackle cyber attacks and what still needs to be done proactively.