Microsoft revealed on Friday that a Russian state-sponsored hacking group, known as Midnight Blizzard, is attempting to breach its systems once more, utilizing information pilfered from the tech giant’s corporate emails in January.
This latest disclosure underscores the persistent threat posed by the hacking group, which analysts link to Russian intelligence, towards Microsoft. As one of the world’s largest software makers and a critical provider of digital services to the U.S. government, Microsoft remains a prime target for cyberattacks.
The Russian embassy in Washington has not yet responded to Microsoft’s statement, nor has it addressed the tech company’s previous alerts regarding Midnight Blizzard’s activities.
Back in January, Microsoft reported that the hackers had attempted to breach “a very small percentage” of its corporate email accounts, including those belonging to senior leadership and personnel in cybersecurity, legal, and other functions.
Now, it appears that Midnight Blizzard, also known as Nobelium, is leveraging the stolen data from January’s breach to launch fresh attacks on Microsoft’s systems. According to Microsoft, the hackers are targeting its source code repositories and internal systems using the pilfered information.
The company stated, “It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found,” indicating that some of these secrets were shared between customers and Microsoft via email. Microsoft is actively reaching out to affected customers to assist them in implementing mitigating measures.
Moreover, the hackers have intensified their targeting efforts and are employing “password sprays” at a significantly increased rate compared to their January attack. This aggressive tactic involves using the same password across multiple accounts in an attempt to gain unauthorized access.
Microsoft suspects that Midnight Blizzard’s persistent targeting may stem from the company’s extensive research into the hacking group’s operations. Microsoft’s threat intelligence team has been monitoring Nobelium since at least December 2020, sharing insights and analysis on the group’s activities.
Despite the ongoing attempts to breach Microsoft’s systems, the company reassured that there is no evidence of compromise to its customer-facing systems. However, the situation underscores the need for continued vigilance and robust cybersecurity measures in the face of evolving cyber threats.
Sources By Agencies