Court documents that were unsealed yesterday revealed that Microsoft’s Digital Crimes Unit disrupted an Iranian hacking group known as Phosphorus (also known as APT 35, Charming Kitten, and Ajax Security Team). Microsoft took control of 99 websites the group uses to conduct its hacking operations.
Phosphorus hacking group generally takes control of personal accounts of individuals through spear-phishing. This group sends a link that contains malicious software that enables them to access computer systems of individuals.
Microsoft’s Digital Crimes Unit (DCU) and the Microsoft Threat Intelligence Center (MSTIC) have been tracking Phosphorus since 2013. Its activity is usually designed to gain access to the computer systems of businesses and government agencies and steal sensitive information. Its targets also include activists and journalists – especially those involved in advocacy and reporting on issues related to the Middle East.
You can find legal filings of Microsoft’s case against Phosphorus here.