HomeSecurity OperationsMicrosoft Continues to Experience Intrusions from Russian-Sponsored Hacking Group

Microsoft Continues to Experience Intrusions from Russian-Sponsored Hacking Group

Published on

spot_img

In a recent development, Microsoft has revealed that a Russian state-sponsored hacking group, known as Midnight Blizzard, is still utilizing information stolen from its senior leadership team to gain unauthorized access to the company’s internal systems. This revelation comes after Microsoft disclosed in January that Midnight Blizzard had extracted information from a small percentage of employee email accounts, including those of senior leaders and employees in cybersecurity and legal roles.

Since the initial disclosure, Midnight Blizzard has been persistently using the stolen information to infiltrate Microsoft’s source code repositories and internal systems, according to Microsoft’s latest statement issued on Friday. The company noted a significant increase in certain aspects of the attack, such as password sprays, which grew tenfold in February compared to the volume observed in January.

Describing the ongoing attack by Midnight Blizzard, Microsoft emphasized the sustained and substantial commitment of the threat actor’s resources, coordination, and focus. Despite the continued efforts of the hacking group, Microsoft reassured that its investigations into Midnight Blizzard’s activities are ongoing, with collaboration from federal law enforcement agencies.

Fortunately, the attack has not compromised customer-facing systems nor significantly impacted Microsoft’s operations, the company stated. However, it remains uncertain whether this incident will have any financial implications for Microsoft in the future.

This is not the first encounter with Midnight Blizzard as Microsoft previously detected the group, formerly known as Nobelium, engaging in targeted social engineering attacks via Microsoft Teams chats to obtain credentials. U.S. authorities have linked this group to the Foreign Intelligence Service of the Russian Federation and have previously associated them with the SolarWinds hack in 2020.

As Microsoft continues to address the ongoing threat posed by Midnight Blizzard, the company remains vigilant in protecting its systems and data from further incursions. Customers and stakeholders can rest assured that Microsoft is actively working to safeguard its infrastructure and prevent any disruptions caused by malicious actors.

For further updates on this developing story, stay tuned for more information from Dean Seal at dean.seal@wsj.com.

(END) Dow Jones Newswires

March 08, 2024 09:53 ET (14:53 GMT)

Source link

Latest articles

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...

Reducing Threats from the IABs Market

As ransomware attacks continue to escalate in frequency and severity, one of the key...

More like this

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...
en_USEnglish