A Virginia court has allowed Microsoft to seize websites operated by Nickel, a Chinese cybercrime group that has been conducting cyberattacks in 29 countries.

Cybercrime Sites

In a blog post, Microsoft’s corporate vice president for customer security and trust, Tom Burt, said that the company’s campaign to take control of the websites will help “protect existing and future victims” of the group’s activities.

As a result of actions taken by Microsoft following the court order, which was filed 2 Dec. and granted 6 Dec., visitors to the malicious websites will be redirected to Microsoft’s “secure servers.” 

Microsoft said Nickel had been using the websites for “intelligence gathering from government agencies, think tanks and human rights organizations.”

Nickel, which is also known as “KE3CHANG,” “APT15,” “Vixen Panda,” “Royal APT” and “Playful Dragon,” has targeted public and private sector organisations across the world with hacking and social engineering attacks.

“There is often a correlation between Nickel’s targets and China’s geopolitical interests,” Microsoft corporate vice president Burt said.

Seizing the URLs will not prevent Nickel from engaging in other cybercrime activities, which have included targeting third-party virtual private network (VPN) software and conducting spear-phishing campaigns.

Burt’s blog post concluded by calling on “industry, governments, civil society and others” to come together in combating groups such as Nickel, stating that it was the responsibility of “every entity with the relevant expertise and resources” to “help bolster trust in technology and protect the digital ecosystem.”