Microsoft in a blog post announced it has taken legal action to stop a massive hacking campaign related to COVID-19. The U.S. District Court for the Eastern District of Virginia on Tuesday unsealed documents detailing how the company disrupted the work of cybercriminals attempting to defraud customers from 62 countries in total.
There's been an increase in cyberattacks during the coronavirus pandemic. Criminals are aware that more people are using their digital devices to communicate and transact, and they use this time as an opportunity to scam people out of their money.
Tom Burt, corporate vice president for customer security and trust at Microsoft, detailed in the blog about the hacking campaign, which had targeted millions of individuals through phishing emails.
According to Microsoft, it first spotted the hacking campaign in December. The tactic used by the criminals changed upon the spread of the coronavirus, using the pandemic to trick victims. The emails would pose as business discussions, sending out files like "Q4 Report -- Dec19."
Those who fall for the phishing scam would be asked to allow permissions to a fraudulent app taking the form of Office 365 called "00365 Access." Once in, hackers will have access to notes, emails, contacts, and files on a person's account. They could find information that would allow them to have access to funds, according to Microsoft's lawsuit filed on June 30.
At the height of the pandemic, hackers started using filenames related to the disease and attach them to emails. Court documents revealed that the criminals' targets were mostly business leaders and executives.
Microsoft took control of the situation by filing a lawsuit, to take over the domains that pretended to be the Windows-maker. Its lawsuit said that criminals had misused the name of the company and its trademarks. There were at least six domain names pretending to be related to Microsoft.
"For our part, Microsoft and our Digital Crimes Unit will continue to investigate and disrupt cybercriminals and will seek to work with law enforcement agencies around the world, whenever possible, to stop these crimes," Burt wrote.
Microsoft has been in a similar case before. In 2019, it filed a lawsuit against North Korean hackers in order to gain control of more than 50 domains pretending to be related to the company. Similar efforts have been made against Iranian and Russian hackers.
For this new lawsuit, Microsoft decided not to disclose who is behind the attacks.
