Monday, June 6, 2022

Microsoft STOPS cyber attack campaign by Iranian regime group Bohrium - and takes LEGAL ACTION 🧑‍⚖️


Bohrium - another Iranian state-backed hacker group!!

Today it is reported that Microsoft's Digital Crimes Unit has stopped a malicious cyber campaign run by Bohrium, a group supported by the Iranian regime, and has taken legal action against this threat actor!

Bohrium are known to pose as recruiters for work in various fields such as technology, education, transport and government. Once they have lured a victim, they send malicious emails loaded with malware that will either allow Remote Code Execution (RCE) or connect the victim's machine to a command and control server (C2C) so they can access all of the victim's files. Microsoft have also said that they have taken down over 41 domains that were being used by Bohrium as C2C servers.


Microsoft legal document 

The legal document shared by Microsoft gives no date for when Bohrium started this ugly campaign, but there are suggestions that Bohrium started it as early as 2017!! It also suggests that Bohrium have "conducted remote reconnaissance" and "stole authentication credentials".

It is still too early to see if Microsoft's legal challenge will be successful, but it forces Bohrium to be exposed as yet another evil cyber group of the Iranian regime. Be careful friends!!


