Microsoft identified "Sourgum," from Israel, as the threat actor behind the Windows malware and zero-day that plagued its computer operating system in the past weeks. Microsoft solved the problem only recently, and it struggled with the fix, with different users saying that it was not effective in their experience.

The company found that the threat actors are from the private sector, and an investigation is to reveal the true intentions behind the attack. Amid this, Microsoft completed its acquisition of RiskIQ, which is envisioned to help the company with its security issues.

Microsoft: Threat Actor is 'Sourgum' from Israel

According to Microsoft's blog post, the company's investigation found that the recent cyberattack and zero-day vulnerability came from an Israeli private-sector company, "Sourgum." The company is known to be a PSOA, or private sector offensive actor, whose purpose is to sell "cyberweapons" to its clients, with the intentions of hacking them.

Another name the group was discovered under is "Candiru," which has been related to Sourgum with regard to the recent Microsoft attack. While the intentions of Candiru remain unknown, it is a direct threat against Microsoft and would be subject to an investigation to catch the criminal behind the attack.

Bill Marczak and other authors from Citizen Lab have detailed how they caught Candiru and other threat actors that have taken part in the attack on Microsoft.

Speculation has ensued that both are the same company, but it was a different discovery for Microsoft and Citizen Lab.

Who is 'Sourgum'?

Sourgum is an Israel-based PSOA that sells spyware products to its clients, and its purpose or intent is to bring harm to them, including in Microsoft's recent attack. It is referred to as a "mercenary spyware company," as Citizen Lab said of Candiru.

Is Microsoft Windows Safe Now?

The attack cost Microsoft a lot, and it is known to have been immune to several of the company's emergency patch releases, which failed when users and the public needed them most. That said, this threat was a massive deal for Microsoft, especially as the company has struggled to protect its operating systems and return to normal proceedings.

Currently, Microsoft's systems have been given a patch to protect them from the vulnerabilities, and the company will soon add more layers of protection.

This article is owned by Tech Times

Written by Isaiah Richard
