
APT15 aka Nickel hacked many nations including America and Europe


Last Updated on 09/12/2021 by Nidhi Khandelwal

According to a report on Microsoft’s blog, the Microsoft Digital Crimes Unit (DCU) has seized 42 websites used by the China-based hacking group Nickel to attack companies in the United States and around the world.

The attacks were most likely carried out to gather intelligence from government agencies, think tanks, and human rights organizations, according to Microsoft.

On December 2nd, a US District Court in Virginia granted Microsoft permission to take control of the compromised websites, allowing Microsoft to redirect traffic from those sites to Microsoft’s servers, as detailed in the court document.

While this will not completely stop Nickel’s attacks, Microsoft claims that it will help “protect current and future victims while learning more about Nickel’s activities.” This PDF contains the whole list of confiscated websites.


Nickel uses a “variety of approaches” to install malware on victims’ PCs, according to Microsoft’s initial complaint (PDF), including exploiting third-party virtual private networks and spear phishing. Because of the nature of Nickel’s attacks, the group is able to steal sensitive data from the device without the user’s knowledge.

According to Microsoft’s complaint, “during the infection of a victim’s computer, Nickel executes malware designed to make changes at the deepest and most sensitive levels of the device’s Windows operating system.” “As a result of these alterations, the user’s version of Windows has been virtually polluted, and has been changed into a tool to steal credentials and sensitive information from the user without the user’s knowledge.”

Nickel has been tracked by Microsoft since 2016, and the group is also known as APT15, KE3CHANG, Vixen Panda, Royal APT, and Playful Dragon.

Nickel has targeted diplomatic organizations and foreign affairs ministries in countries across North America, South America, Central America, the Caribbean, Europe, and Africa. It is also said to hit targets that are in line with China’s “geopolitical interests.”


Microsoft claims that, through the 24 cases it has brought so far, the DCU has shut down over 10,000 infected websites and stopped the registration of 600,000 potentially harmful sites.

Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.