Microsoft has recently announced that it has gained control over web domains that were being used by a hacker group ‘Thallium’. The group was using these domains to steal sensitive information, especially targeting government officials, think tanks, university staff members and people involved in the craft of nuclear science.

Microsoft said in their report on Monday that the group seems to be working from North Korea. And if North Korean hackers stealing data from nuclear scientists isn’t scary enough, they were especially targeting individuals from America, Japan and South Korea, known rivals of Kim Jong Un’s dictatorial nation.

The group used a technique called ‘spear phishing’ to steal this information, in which they sent legitimate looking emails from trusted sources and get them to click on links, which once opened, lets the attacker siphon data from their targets. Phishing is a common practice in the hacking world. Spear phishing, however, is much more elaborate and intricate since in this the links and emails are especially designed for a specific target.

Microsoft says that it now controls around 50 domains that earlier belonged to Thallium. They have also decided to pursue legal reparation after the group tried to use malware to compromise systems and steal data. A case has been filed by the company in U.S. District Court for the Eastern District of Virginia against Thallium.