Fiber optic cables feed into a switch inside a communications room at an office in London, U.K., on Monday, May 21, 2018. The Department of Culture, Media and Sport will work with the Home Office to publish a white paper later this year setting out legislation, according to a statement, which will also seek to force tech giants to reveal how they target abusive and illegal online material posted by users. Photographer: Jason Alden/Bloomberg via Getty Images
Fiber optic cables feed into a switch inside a communications room at an office in London, U.K., on Monday, May 21, 2018. The Department of Culture, Media and Sport will work with the Home Office to publish a white paper later this year setting out legislation, according to a statement, which will also seek to force tech giants to reveal how they target abusive and illegal online material posted by users. Photographer: Jason Alden/Bloomberg via Getty Images
PHOTO: Bloomberg/Bloomberg/Bloomberg via Getty Images
Now playing
02:18
How to protect yourself from hackers
screengrab US social media
screengrab US social media
PHOTO: Getty Images
Now playing
04:35
Tech companies ban Trump, but not other problematic leaders
PHOTO: Samsung
Now playing
01:53
See Samsung's new Galaxy S21 lineup
PHOTO: CNN
Now playing
02:47
Extremists and conspiracy theorists search for new platforms online
This illustration picture shows the social media website from Parler displayed on a computer screen in Arlington, Virginia on July 2, 2020. - Amid rising turmoil in social media, recently formed social network Parler is gaining with prominent political conservatives who claim their voices are being silenced by Silicon Valley giants. Parler, founded in Nevada in 2018, bills itself as an alternative to "ideological suppression" at other social networks. (Photo by Olivier Douliery/AFP/Getty Images)
This illustration picture shows the social media website from Parler displayed on a computer screen in Arlington, Virginia on July 2, 2020. - Amid rising turmoil in social media, recently formed social network Parler is gaining with prominent political conservatives who claim their voices are being silenced by Silicon Valley giants. Parler, founded in Nevada in 2018, bills itself as an alternative to "ideological suppression" at other social networks. (Photo by Olivier Douliery/AFP/Getty Images)
PHOTO: Olivier Douliery/AFP/Getty Images
Now playing
03:49
Parler sues Amazon in response to being deplatformed
PHOTO: Twitter
Now playing
02:39
Twitter permanently suspends Donald Trump from platform
Panasonic
Panasonic's Augmented Reality Heads-up Display
PHOTO: Panasonic USA
Now playing
01:06
This tech gives drivers directions on the road in front of them
PHOTO: LG Display
Now playing
01:10
See LG's transparent TV
PHOTO: Twitter/@gregdoesthings
Now playing
02:06
Internet gets creative with empty iPhone boxes
NEW YORK, NY - JUNE 3: The Google logo adorns the outside of their NYC office Google Building 8510 at 85 10th Ave on June 3, 2019 in New York City. Shares of Google parent company Alphabet were down over six percent on Monday, following news reports that the U.S. Department of Justice is preparing to launch an anti-trust investigation aimed at Google. (Photo by Drew Angerer/Getty Images)
NEW YORK, NY - JUNE 3: The Google logo adorns the outside of their NYC office Google Building 8510 at 85 10th Ave on June 3, 2019 in New York City. Shares of Google parent company Alphabet were down over six percent on Monday, following news reports that the U.S. Department of Justice is preparing to launch an anti-trust investigation aimed at Google. (Photo by Drew Angerer/Getty Images)
PHOTO: Drew Angerer/Getty Images North America/Getty Images
Now playing
03:25
Google employee on unionizing: Google can't fire us all
Now playing
02:01
Watch 'deepfake' Queen deliver alternative Christmas speech
This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using a website that monitors global cyberattacks on his computer at their office in Dongguan, China
This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using a website that monitors global cyberattacks on his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, one of China's last "volunteer hacker" groups maintains a final outpost in its patriotic hacking war. (Photo by NICOLAS ASFOURI / AFP) / TO GO WITH China-hacking-security,FOCUS by Laurie Chen / The erroneous mention[s] appearing in the metadata of this photo by NICOLAS ASFOURI has been modified in AFP systems in the following, we removed the HOLD HOLD HOLD in the main caption. Please immediately remove the erroneous mention[s] from all your online services and delete it (them) from your servers. If you have been authorized by AFP to distribute it (them) to third parties, please ensure that the same actions are carried out by them. Failure to promptly comply with these instructions will entail liability on your part for any continued or post notification usage. Therefore we thank you very much for all your attention and prompt action. We are sorry for the inconvenience this notification may cause and remain at your disposal for any further information you may require. (Photo by NICOLAS ASFOURI/AFP via Getty Images)
PHOTO: NICOLAS ASFOURI/AFP/AFP via Getty Images
Now playing
03:30
Russia claims cyberattack may be plot to hurt ties with Biden
Now playing
01:42
Watch father leave daughter dozens of surprise Ring messages
PHOTO: Photo Illustration: Kena Betancur/Getty Images
Now playing
04:50
Zoom's founder says he 'let down' customers. Here's why
Now playing
00:48
See Walmart's self-driving delivery trucks in action
Now playing
01:25
This robotaxi from Amazon's Zoox has no reverse function
(CNN Business) —  

Microsoft has been granted a court order to take over 50 websites it alleges were used by a North Korean hacking group to steal “highly sensitive information” from computers in the United States.

Microsoft (MSFT) filed a lawsuit in federal court on December 18 against two unnamed people involved in the group, known as Thallium, which is alleged to have used the websites to send phishing emails to break into users’ accounts and gain access to their information. The suit was unsealed on December 27.

In some cases, court documents state Thallium impersonated Microsoft or made use of its brands, such as Office 365, to gain access to the accounts.

Shortly after the suit was filed federal district court Judge Liam O’Grady granted a temporary restraining order restricting Thallium from carrying out any further hacking of Microsoft or Microsoft customers. He also ordered the companies that host the 50 website domains Microsoft said were being used for hacking to hand control of those domains over to Microsoft.

The court will give representatives of Thallium the chance to appear on January 3 to argue against the decision becoming permanent, according to the order, though it is not clear whether any such representatives exist.

“There is good cause to believe that if such conduct continues, irreparable harm will occur to Microsoft, Microsoft’s customers, and the public,” O’Grady wrote in the order.

The order is a win in an ongoing effort by Microsoft to combat cybercrime from groups it believes are backed by nation-states. As the maker of the world’s most-popular operating system, Microsoft is widely regarded as having particularly strong insight into how hackers around the world operate.

Microsoft has taken similar legal action against hacking groups operating from China, Russia and Iran, according to a Monday blog post by Tom Burt, the company’s vice president of consumer security and trust.

“We believe it’s important to share significant threat activity like that we’re announcing today,” Burt said in the post. “We think it’s critical that governments and the private sector are increasingly transparent about nation-state activity so we can all continue the global dialogue about protecting the internet.”

Burt also said he hopes Microsoft’s actions raise awareness of similar attacks at other companies.

The complaint alleges Thallium hackers used a technique called “spearphishing,” which seeks to gain passwords and other sensitive information from individual users through emails crafted specifically to look as if they’re coming from a reputable email account.

The emails attempt to lure users to websites where they are asked to provide login information by claiming that suspicious activity was identified on their accounts. The hackers may have used information gathered on victims’ social media pages and elsewhere online to make the emails particularly convincing, according to the lawsuit. After obtaining login credentials, Thallium may have used them to gain access to contact lists, calendar appointments and other information stored on Microsoft users’ accounts.

Hackers also used the deceptive websites to distribute malware used to “compromise systems and steal data from victim systems,” according to the complaint.

The “precise identities and locations” of those behind Thallium are unknown, but “have been linked by many in the security community to North Korean hacking group or groups,” the complaint states.

Thallium targeted government employees, think tanks, university staff and members of groups that work on issues including nuclear proliferation and human rights, according to court documents.

In his blog post, Burt said users can protect themselves from such attacks by enabling two-factor authentication for email accounts, enabling security alerts about links from suspicious sources and learning the signs of a potential phishing scheme.