Photo: Scott Peterson / Getty Images
Microsoft announced Wednesday it had last week taken possession of 99 web domains used by a hacker group known as Charming Kitten, which has been linked to the government of Iran.
The big picture: Microsoft has waged one of the most effective and most intriguing defensive campaigns against nation-led hacking teams — challenging their right to use look-alike phishing web domains in civil court.
Details: The current haul of websites includes domains like "outlook-verify[.]net," which Microsoft claims Charming Kitten used to send phishing emails to victims.
- Using the fake sites, the group either tricks users into entering their account credentials by notifying them of a false security risk or sends links, often appearing to be from friends, that will download malware.
- "Our work to track [Charming Kitten] over multiple years and observe its activity enabled us to build a decisive legal case and execute last week’s action with confidence we could have significant impact on the group’s infrastructure," Tom Burt, corporate vice president of customer security and trust wrote on Microsoft's official blog.
Microsoft is best known for taking Russian hackers to court to gain control of their phishing domains.