Microsoft recommends the public take cybersecurity precautions after the company took legal action against a North Korean group that used phishing and malware to target U.S., Japanese and South Korean entities.
Tom Burt, a corporate vice president at Microsoft, wrote in a blog post published Monday that Microsoft filed a court case against the nation-state group Thallium and was authorized to take over 50 domains used by the group to facilitate attacks.
The court order comes after Microsoft’s Digital Crimes Unit and Threat Intelligence Center both commenced research into the group’s activities and found that it used “spear phishing” tactics, which uses fraudulent links in emails to obtain personal information and password updates.
Thallium also deployed malware designed to infiltrate systems and steal data from government personnel, academic institutions, nuclear proliferation entities and human rights organizations, according to Burt.
“We think it’s critical that governments and the private sector are increasingly transparent about nation-state activity so we can all continue the global dialogue about protecting the internet,” Burt said. “We also hope publishing this information helps raise awareness among organizations and individuals about steps they can take to protect themselves.”
Previously, Microsoft filed similar cases against cybercrime groups operating in China, Russia and Iran.