A spear-phishing hacking scam launched by dark web hackers has been tracked to several countries. The scam operation, which has links to the Bohrium hackers, has been on the radar of the Microsoft Digital Crimes Unit (DCU). The group of Bohrium threat actors is of Iranian origin and has launched the latest cyber attacks against individuals in India, the Middle East, and the United States.
Reporting on the recently thwarted phishing attack by the criminal hackers, Microsoft cyber security analysts stated that the Bohrium hackers’ main targets were millions of consumers across several continents, with those affected residing mainly in the three listed countries.
Amy Hogan-Burney, the General Manager of Microsoft DCU, revealed that the Iranian hacking group was responsible for phishing attacks launched against several industries. Bohrium’s main target was listed as companies that operate in the education sector. Other industries that reported phishing scams include transportation, technology, and private government entities.
The Microsoft cyber security team has been busy removing malicious domains set up by the criminal hackers. So far, the cyber security team has removed 41 domains linked to the hacking group. In a published report, the tech company documented that the threat actors created a group of command-and-control websites to launch their latest phishing scam campaign.
Microsoft Filed Lawsuit Against Hackers
With this infrastructure in place, the hackers effortlessly deployed a plethora of malicious software on intended victims’ Android and other tech devices. Once the attackers acquire access to these targeted devices, they move to the next phase of their hacking operation, which is to infiltrate and extract data from the compromised devices.
Microsoft has initiated court proceedings against the Iranian hackers, claiming that the criminals purposefully accessed its consumers’ network systems through computer viruses. The charges revealed that malicious code carrying the hackers’ instructions infiltrated Microsoft’s operating systems and the computer networks of its customer base without authorization from the tech giant.
However, Microsoft’s court filings did not specify when the Bohrium hackers first launched the phishing scam against its brand, but analytical reports from the cyber security team registered a time frame of several years.
While tracking the spear-phishing operation, it was revealed that several hundred domains were removed by Microsoft, all of which had distributed the threat actors’ malware payloads since 2017.