Microsoft has confiscated 99 web domains that were used by Iran-linked hackers to launch global spear-phishing campaigns. The domain names resembled those of popular services offered by Microsoft, Yahoo and other companies and could therefore easily be mistaken for legitimate websites by victims of the campaign.
The threat actor behind the campaign has been identified as APT35, a notorious hacking group with ties to the Iranian government that is also known as Phosphorus and Charming Kitten. The Microsoft operation was conducted in secret, after the company obtained government permission to take control of the domains.
Read more: Microsoft takes control of 99 domains operated by Iranian state hackers