Microsoft said on Friday that Russian state-sponsored hacking group Midnight Blizzard was trying to breach its systems again using information it stole by hacking into the tech giant’s corporate emails in January.
In the January attack, the hacking group that is also known as Nobelium had breached Microsoft’s corporate email systems and stolen emails and documents from staff accounts.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access,” the company said in a statement on its blog.
That data includes some of its source code repositories and internal systems, Microsoft said.
The company’s shares edged lower following the news,
“It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found,” it added. “Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures.”
In some ways the hackers had become more aggressive in trying to penetrate Microsoft, the company said. For instance the hackers’ use of ‘password sprays’ — where an attacker uses the same password on multiple accounts in the hope of breaking in — had increased as much as tenfold compared to their January attack, Microsoft said.
The Russian embassy in Washington has previously not responded to requests for comment on Microsoft’s statements about the Midnight Blizzard attack.
Microsoft added that it had no evidence that its customer-facing systems had been compromised in the hack.
https://ift.tt/gPz2HyT
https://ift.tt/O1ki9Pp
0 Comments