Priya PatelTLDR:
- Microsoft reveals Russian state-sponsored hacking group Midnight Blizzard has been spying on senior leaders’ email accounts and stealing source code.
- Midnight Blizzard accessed Microsoft’s systems through a password spray attack and is now trying to breach source code repositories and internal systems.
Microsoft has disclosed that a Russian state-sponsored hacking group known as Midnight Blizzard, also called Nobelium, has been targeting the email accounts of its senior leaders and pilfering its source code. This group was previously responsible for the SolarWinds attack in 2023. The hackers gained access through a password spray attack and are now trying to exploit vulnerabilities in Microsoft’s source code. The stolen source code could potentially be used to create counterfeit versions of Microsoft software or find and exploit vulnerabilities. Microsoft has increased its security measures, but is still investigating the extent of the breach.
The attack on Microsoft is part of a larger campaign by Russia’s SVR intelligence service to target various sectors and organizations globally. The NCSC has advised organizations to review their accounts, enable two-factor authentication, and monitor for suspicious activity. This incident underscores the ongoing threat of state-sponsored hacking groups and the importance of robust cybersecurity measures.
