2023-08-03 04:34:00
Microsoft has accused a group of hackers linked to the Russian government of attacking several global organizations with a “broad campaign” to steal login credentials inside Teams.
According to the Redmond company, these hackers pretended to be from the company’s technical support and tried to collect valuable information through these “services”.
These highly targeted social engineering attacks have affected at least 40 unique global organizations as of the end of May.
Microsoft says its technicians are continuing to investigate the situation and provide support to these organizations. Still, the company explains that hackers may still be at work.
They set up domains and accounts that appear to be support desks and try to get Teams users to pass Multi-Factor Authentication (MFA) prompts.
The name of the hacker group is Midnight Blizzard and the United States associates it with the Russian government.
Organizations targeted in this activity likely indicate specific Midnight Blizzard espionage targets targeting government sectors, non-governmental organizations (NGOs), IT services, technology, manufacturing, and media. This latest attack, combined with past activity, further demonstrates Midnight Blizzard’s continued execution of its objectives using new and common techniques.
Microsoft did not name the affected organizations.
1691055334
#Microsoft #Russian #hackers #responsible #phishing #attacks #Teams