Microsoft thinks they are hackers connected to the Russian government those who have unleashed a social engineering and phishing campaign against several global organizations via Microsoft Teamsin which they tried to steal your login credentials.
According to Microsoft researchers, fewer than 40 organizations have been affected by these deceptive attacks since May. Hackers haveor created fake domains and accounts similar to those of Microsoft Teams technical supportin order to involve users in chat and convince them to approve requests for multi-factor authentication (MFA).
Microsoft Teams, Russian hackers behind phishing attacks
Microsoft reacted to threats mitigating the use of the domains involved and launched an investigation to address the impact of those attacks. Using Microsoft Teams as a target indicates that hackers are developing new ways to bypass security measures, including MFAs. Which are commonly used to prevent hacking and credential theft.
The hacking group responsible for these operations is known as Midnight Blizzard o APT29. A group connected to Russian foreign intelligence service, according to the researchers. The organizations targeted in this attack appear to be aimed at espionage. To governments, organizations, IT services and the media sector. Midnight Blizzard affects organizations in the US and Europe since 2018.
Hackers have used small business already compromised Microsoft 365 account to create new domains similar to those of Microsoft support. These domains then sent phishing messages via Microsoft Teams to trick users into sharing their credentials.
The complexity and sophistication of these attacks underscore the importance of keeping cybersecurity measures consistently high. Especially in a context where cyber threats are becoming increasingly advanced and targeted.
Leave a Reply
View Comments