Microsoft alerts of ongoing hacking attempt by Russian group
Midnight Blizzard hacked into Microsoft’s corporate email systems in January, stealing emails and documents.
Microsoft reported that the Russian state-sponsored hacking group Midnight Blizzard, also known as Nobelium, is again attempting to breach its systems. The attempt follows the group’s successful hacking of Microsoft’s corporate email systems in January, where they stole emails and documents.
Microsoft disclosed that recent evidence indicates Midnight Blizzard using information initially obtained from the corporate email systems to gain unauthorised access, including data from source code repositories and internal systems.
The company observed a more aggressive approach from the hackers, noting an increase in their use of ‘password sprays’ – a technique where the same password is attempted on multiple accounts to gain unauthorised access. Furthermore, Microsoft clarified that the breach has not impacted its customer-facing systems.
Despite reaching out to customers to assist in mitigating measures, the Russian embassy in Washington has not responded to inquiries regarding Microsoft’s statements on the Midnight Blizzard attack.