Microsoft Seizes 42 Websites Used by China-Based Hacking Group to Carry Out Cyberattacks on US Organizations

Microsoft seized a number of websites that were being used by a China-based hacking firm to carry out cyberattacks against organizations in the United States and 28 other countries around the world.

Microsoft said that a federal court in Virginia had granted its request to seize websites that were being run by a hacker group.

Microsoft said it has been following and monitoring Nickel since 2016.

Microsoft's corporate vice president of customer security and trust said that the attacks were mostly being used for intelligence gathering from government agencies.

The company is redirecting traffic to secure Microsoft servers to help protect existing and future victims.

We believe we have removed a key piece of the infrastructure the group has been relying on for this latest wave of attacks, but our disruption will not prevent other hacking activities.

The hackers use a variety of techniques, but often install undetected software that allows for data theft and snooping.

Sometimes, Nickel's attacks used compromised third-party virtual private network suppliers or stolen credentials obtained from spear-phishing campaigns. In some observed activity, the Nickel worm used exploits to target unpatched Exchange Server and SharePoint systems. We have not observed any new vulnerabilities in Microsoft products.

Microsoft created unique signatures to detect and protect against known Nickel activity through its various security products.

The hackers targeted both private and public organizations, including diplomatic organizations and ministries of foreign affairs in North America, Central America, South America, the Caribbean, Europe, and Africa.

Microsoft said that there is a correlation between China's interests and Nickel's targets.

Microsoft acknowledged that it alone cannot prevent such attacks from cybercriminals, but said it will continue to take down malicious infrastructure, better understand actor tactics, protect its customers and inform the broader debate on acceptable norms in cyberspace.

The tech giant called on others operating within the industry, as well as governments and civil society, to come together and establish a new consensus for what is and isn't appropriate behavior in cyberspace.

More than 10,000 malicious websites have been taken down by the company's Digital Crimes Unit through 24 lawsuits, and 600,000 more have been blocked.

The United States and its allies face a major threat from hacking by the People's Republic of China.

The administration accused the Chinese government of being behind a hacking campaign against Microsoft, which allowed attackers to exploit a flaw in a Microsoft email application to go after a number of American targets.

The White House said in a statement at the time that they had raised their concerns about the PRC's actions with senior PRC Government officials, making clear that the PRC's actions threaten security, confidence, and stability in cyberspace.

In August, the White House announced that a number of the country's leading technology companies had pledged to invest billions of dollars to bolster cybersecurity by training tens of thousands of people in cybersecurity skills, enhancing open-source software security, and providing technical services to help local governments boost security protections.

By Katabella Roberts.

Roberts is a reporter in Turkey. She covers business and news for The Epoch Times.