Criminal hackers try to steal login data from people via Microsoft Teams. To do this, the attackers use already compromised Microsoft 365 accounts from smaller companies. They use newly created domains to pose as Microsoft support and send phishing messages via Microsoft Teams. In the chats, they then try to outwit the other person and get the multi-factor authentication data.
Advertisement
According to Microsoft, it has already blocked the fake support domains. The hackers have been identified as Midnight Blizzard, formerly known as Nobelium, the blog post reads. “As with all social engineering lures, we encourage organizations to reinforce best practices for the security of all users and ensure that all non-user-initiated authentication requests should be treated as malicious.”
About 40 global organizations are said to have fallen victim to the attacks since May. Midnight Blizzard targets government, NGO, IT, technology, media and discrete manufacturing companies. Microsoft continues to investigate. Those affected have been informed.
Security incidents involving Microsoft accounts
Midnight Blizzard, also known as APT29, is a Russian hacking group assigned to the state by the US government and the UK, according to Microsoft. They are considered spies and their activities can be traced back to 2018. Microsoft has published a concrete sequence of what the attacks looked like and how they happened, including screenshots, in the security blog. As well as measures to ensure the safety of your own safety.
Microsoft recently claimed to have stopped a coordinated hacker attack from China. This was also directed against government institutions. According to Microsoft, however, it was averted for all affected customers. The situation is different with account data that Anonymous-Sudan allegedly obtained. The group is said to have 30 million access points to Microsoft services. However, Microsoft denies this. It is questionable, of course, which compromised accounts the Midnight Blizzard attackers could now use.
Advertisement
(emw)
Zur Startseite
#Criminal #hackers #targeting #teams #Microsoft #warns