Microsoft researchers said on Wednesday that a sophisticated Russian government-affiliated hacking outfit had launched a global assault on many significant organizations. Microsoft Teams conversations are being phished for login credentials. Tech assistance is their ruse.
These well-planned tactics have hurt less than 40 organizations worldwide since May. According to a blog post, Microsoft is working hard to discover what’s happening.
The Russian embassy in Washington did not immediately respond to requests for comment.
Scientists say these hackers created technical support websites and accounts. This tricked Teams users into chatting with them and allowing MFA prompts.
To avoid cybercrime, Microsoft has banned these names. They are cautiously probing the assault to minimize damage.
According to Microsoft’s January financial statement, 280 million people use Teams daily. Microsoft Teams helps organizations communicate.
MFA is crucial for keeping hackers out and preventing unauthorized access. Hackers are exploring new MFA bypasses to exploit Teams.
Midnight Blizzard, or APT29, committed these crimes. They are in Russia, and the U.S. and U.K. governments and academics have linked them to Russia’s foreign intelligence agency.
This campaign may target espionage targets. Examples include government agencies, NGOs, I.T. services, technology, producing things, and media. Scientists didn’t identify their subjects.
According to experts, Midnight Blizzard has been working hard to reach its aims utilizing a mix of new and traditional ways. Recent attacks and other activities show their willingness to continue.
The Microsoft blog reports that the hacker gang has targeted U.S. and European firms since at least 2018.
Hacked Microsoft 365 accounts from small companies were used by hackers. These accounts were used to establish fake technical support domains. These domains smartly included “Microsoft.” The experts said these phony websites’ compromised accounts were used to deliver deceptive Microsoft Teams messages to consumers.