Russia-Linked Hackers Exploit Microsoft Teams Chats in ‘Highly Targeted’ Credential Theft Campaign: Report

A Russian government-linked hacking group conducted "highly targeted" social engineering attacks on less than 40 global organizations since late May, exploiting Microsoft Corp (NASDAQ: MSFT) Microsoft Teams chats to 

A Russian government-linked hacking group conducted “highly targeted” social engineering attacks on less than 40 global organizations since late May, exploiting Microsoft Corp (NASDAQ:MSFT) Microsoft Teams chats to steal login credentials.

The hackers set up domains and accounts resembling technical support to engage Teams users in chats and trick them into approving multifactor authentication (MFA) prompts, Reuters cites Microsoft researchers.

Microsoft has mitigated the use of these domains and is investigating the attacks to remediate their impact.

The hackers targeted Microsoft Teams, with over 280 million active users. The attacks highlight the hackers’ ability to find new ways to bypass security measures like MFA.

The hacking group behind these attacks, known as Midnight Blizzard or APT29, is linked to Russia’s foreign intelligence service and has targeted various sectors, including government, NGOs, IT services, technology, manufacturing, and media organizations.

Midnight Blizzard has a history of targeting U.S. and European organizations since 2018.

The hackers exploited compromised Microsoft 365 accounts from small businesses to create new domains appearing as technical support entities with “microsoft” in their names.

Accounts tied to these domains sent phishing messages via Teams to lure and deceive users.

Previous reports indicated that “Anonymous Sudan,” a hacktivist group with a Russia link, has been causing outages at Microsoft for months, with previous attacks also in Israel, Sweden, and other countries.

Microsoft is also amid intense scrutiny and accusations of sloppy security over a hack that let China spy on top Biden administration officials.

The Chinese hack, disclosed recently, compromised the unclassified Microsoft email inboxes of senior State Department officials, Commerce Secretary Gina Raimondo, and others.

Photo by S. Hermann & F. Richter from Pixabay

Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.

Total
0
Shares
Related Posts
Read More

Netflix Announces ‘Chestnut Vs Kobayashi: Unfinished Beef’ Hot Dog-Eating Contest After Joey Chestnut’s Exclusion From Nathan’s Famous Event

Joey Chestnut, the 16-time hot dog-eating champion, will be competing in a new hot dog-eating contest on Netflix. This comes after he was excluded from the Nathan's Famous Fourth of July hot dog-eating contest due to a deal with a rival brand.

NFLX