Thallium Hacking Group’s Malicious Websites Tracked and Taken Down by Microsoft

In a major crackdown, Microsoft has announced that it successfully took down 50 web domains operated by the North Korea-based Thallium hacking group. These domains were used to launch cyberattacks from the group.The APT group has been active since at least 2010 and Microsoft revealed that the hackers launched spear-phishing using legitimate services including Gmail, Yahoo, and Hotmail. The OS maker disclosed that the Digital Crimes Unit (DCU) along with its Threat Intelligence Center (MSTIC) teams have been monitoring Thallium for months, tracking their activities and mapping their infrastructure. Shortly after Christmas, Microsoft had taken over 50 domains with permission from the US authorities.