MICROSOFT has accused a Russian state-sponsored hacking group of trying to breach its systems using stolen information.
The internet giant believes Midnight Blizzard hacked into their corporate emails in January to source the info.
Microsoft has accused a Russian state-sponsored hacking group of breaching their systems
That attack two months ago saw the hacking group, who are also known as Nobelium, breach Microsoft’s corporate email systems.
Emails, as well as documents from staff accounts, were taken.
In a statement on its blog, the company said: “In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access.”
That data includes some of its source code repositories and internal systems, Microsoft said.
The company’s shares edged lower following the news.
“It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found,” Microsoft added.
“Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures.”
In some ways the hackers had become more aggressive in trying to penetrate Microsoft, the company said.
For instance, the hackers’ use of “password sprays” – where an attacker uses the same password on multiple accounts in the hope of breaking in – had increased as much as tenfold compared to their January attack, Microsoft said.
The Russian embassy in Washington has previously not responded to requests for comment on Microsoft’s statements about the Midnight Blizzard attack.
Microsoft added that it had no evidence that its customer-facing systems had been compromised in the hack.
Midnight Blizzard were the same group behind the infamous SolarWinds attack in 2020 that reportedly saw US government agencies breached.
The Russian-backed group then followed that up with an email attack on 150 organisations including US government agencies in May 2021.
The actor Nobelium targeted around 3,000 email accounts across 24 countries, gaining access to an email service used by USAID – United States Agency for International Development.
Published: [#item_custom_pubDate]
