Microsoft and other technology companies have attempted to dismantle a cybercriminal organization whose malicious software has been used in ransomware attacks and other hacks worldwide, the companies announced Wednesday. The companies said that the group’s malicious software has been used in ransomware attacks and other hacks around the world.
This involved obtaining a court order from the United States District Court for the Northern District of Georgia, which authorized the seizure of 65 internet domains by Microsoft (MSFT) from a hacking organization behind the widely used malware known as Zloader, according to the company.
Since its discovery in 2019, ZLoader has been utilized in a wide range of financially driven hacking operations, with the majority targeting enterprises in North America, according to the FBI. According to Microsoft, the hackers have also been involved in developing a tool for delivering a sort of ransomware that must be used in hacks against healthcare institutions.
Microsoft stated that it had identified one of the individuals involved in the hacking business and forwarded the information to law enforcement officials.
A request for comment from the United States Justice Department was not returned.
Additionally, US-based cybersecurity firms Lumen and Palo Alto Networks and Slovakia-based ESET were involved in the decommissioning effort.
It’s just the latest corporate or government initiative to decommission computer infrastructure, frequently registered in the United States and utilized by cybercriminals or intelligence agents to conduct their operations.
According to a Microsoft announcement last week, the company had used another court order to disable seven internet domains used by a hacker group linked to Russian intelligence in an apparent effort to promote Russia’s conflict in Ukraine.
The sanctions taken are far from being fatal blows to the hacking groups. Still, they represent a critical step forward in making it more difficult for them to function.