Operation Sinkholed

50 domains with ties to the Thallium threat group, also known as APT37 and Reaper, were taken offline in late 2019. The actor used the domains to attack various sectors located in the United States, Japan, and South Korea to steal user credentials and drop malware capable of stealing sensitive information.
