
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers

Microsoft’s Digital Crimes Unit (DCU) last week disclosed that it had initiated legal proceedings against an Iranian threat actor dubbed Bohrium in connection with a spear-phishing operation.

The adversarial collective is said to have targeted entities in tech, transportation, government, and education sectors located in the U.S., Middle East, and India.


“Bohrium actors create fake social media profiles, often posing as recruiters,” Amy Hogan-Burney of the DCU said in a tweet. “Once personal information was obtained from the victims, Bohrium sent malicious emails with links that ultimately infected their target’s computers with malware.”

According to an ex parte order shared by the tech giant, the goal of the intrusions was to steal and exfiltrate sensitive information, take control over the infected machines, and carry out remote reconnaissance.

To halt the malicious activities of Bohrium, Microsoft said it took down 41 “.com,” “.info,” “.live,” “.me,” “.net,” “.org,” and “.xyz” domains that were used as command-and-control infrastructure to facilitate the spear-phishing campaign.


The disclosure comes as Microsoft revealed that it identified and disabled malicious OneDrive activity perpetrated by a previously undocumented threat actor codenamed Polonium since February 2022.

The incidents, which involved the use of OneDrive as command-and-control, were part of a larger wave of attacks the hacking group launched against over 20 organizations based in Israel and Lebanon.
