Microsoft seizes control of websites used by China backed hackers

The US technology company has dismantled a network of fake websites set up by the Chinese hacking group known as the Winnti Umbrella, which was used to harvest login details of gamers and infect their machines.

The ploy would be typical of China’s government-sponsored hacking units, which security analysts say typically launch attacks from hijacked sites with legitimate domains such as those owned by Amazon, Google, or Yahoo. The hackers siphon off passwords and other sensitive data that they can use to access private networks connected to the hacked computers – including those belonging to government agencies or companies – and potentially wreak havoc.  

“I’ve never seen any attack infrastructure of this scale – it is way bigger than anything we have ever come across before,” said Simon Pope, a security expert at the UK-based cybersecurity firm Symantec, which helped Microsoft investigate the latest attack.

The Winnti Umbrella is one of several Chinese hacking groups that are believed to be sponsored by the Beijing government. Other groups include APT10, which was linked to a major hack on healthcare provider Anthem Inc., and Cloud Hopper, which has targeted banks and other businesses across the world.

Microsoft’s move to take down the websites used by the Winnti Umbrella comes as relations between Washington and Beijing have deteriorated over trade tensions and allegations of election interference. The Trump administration has accused China of using its state-sponsored hackers to steal commercial secrets and intellectual property from American companies in an effort to gain an edge in the global economy.

China has denied the allegations and says it is itself a victim of cyber-attacks. In a recent speech, the Chinese president, Xi Jinping, pledged to make the country’s cybersecurity a top priority and announced new measures to crack down on online crime.

Microsoft’s action against the Winnti Umbrella also highlights the increasing role that private companies are playing in tackling state-sponsored hacking groups. In addition to working with Symantec, Microsoft has also teamed up with other cybersecurity firms such as FireEye and CrowdStrike to form the Cybersecurity Tech Accord, an agreement to cooperate in defending against cyber-attacks.

“This is a landmark day for all of us in the industry,” said Brad Smith, president of Microsoft. “By standing together, we have sent a clear message that the tech sector will not be undermined by parties seeking to sabotage computer networks and disguise their true identity.”

You May Also Like

With another $2.5 million in funding, Julia Collins’ Planet FWD launches climate-friendly snack brand – NewsNifty

Planet FWD, the atmosphere amicable food startup established by Zume fellow benefactor…

Founder and investor Melissa Bradley outlines how to nail your virtual pitch meeting – NewsNifty

Melissa Bradley wears numerous caps. She’s the prime supporter of a startup…

A confluence of Latin America, the US and Asia – NewsNifty

Kevin Xu is a beginning phase financial backer and author of Interconnected,…

Jumbled-up sentences show that AIs still don’t really understand language

Researchers at Auburn University in Alabama and Adobe Research found the imperfection…