Microsoft Inc. (NASDAQ: MSFT) said on Wednesday that an Austria-based company named DSIRF used multiple Windows and Adobe Reader zero-days to hack organizations located in Europe and Central America.
The technology giant’s threat intelligence and security response units have linked a number of cyberattacks to a threat actor it calls “Knotweed,” better known as the Vienna-based intelligence-gathering company, Decision Supporting Information Research Forensic, or DSIRF.
"Based on observed attacks and news reports, MSTIC believes that KNOTWEED may blend these models: they sell the Subzero malware to third parties but have also been observed using KNOTWEED-associated infrastructure in some attacks, suggesting more direct involvement," Microsoft's blog post read.
Microsoft said that PSOAs are "cyber mercenaries" that sell hacking tools or services as part of their business model. Oftentimes, these organizations are selling either access via end-to-end hacking tools, or the PSOA is conducting the offensive hacking operations themselves.
Source - Microsoft
ALSO READ: