A Russian government-linked hacking group conducted "highly targeted" social engineering attacks on less than 40 global organizations since late May, exploiting Microsoft Corp MSFT Microsoft Teams chats to steal login credentials.
The hackers set up domains and accounts resembling technical support to engage Teams users in chats and trick them into approving multifactor authentication (MFA) prompts, Reuters cites Microsoft researchers.
Microsoft has mitigated the use of these domains and is investigating the attacks to remediate their impact.
The hackers targeted Microsoft Teams, with over 280 million active users. The attacks highlight the hackers' ability to find new ways to bypass security measures like MFA.
The hacking group behind these attacks, known as Midnight Blizzard or APT29, is linked to Russia's foreign intelligence service and has targeted various sectors, including government, NGOs, IT services, technology, manufacturing, and media organizations.
Midnight Blizzard has a history of targeting U.S. and European organizations since 2018.
The hackers exploited compromised Microsoft 365 accounts from small businesses to create new domains appearing as technical support entities with "microsoft" in their names.
Accounts tied to these domains sent phishing messages via Teams to lure and deceive users.
Previous reports indicated that "Anonymous Sudan," a hacktivist group with a Russia link, has been causing outages at Microsoft for months, with previous attacks also in Israel, Sweden, and other countries.
Microsoft is also amid intense scrutiny and accusations of sloppy security over a hack that let China spy on top Biden administration officials.
The Chinese hack, disclosed recently, compromised the unclassified Microsoft email inboxes of senior State Department officials, Commerce Secretary Gina Raimondo, and others.
Photo by S. Hermann & F. Richter from Pixabay
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Comments
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.