Home Technology Microsoft Teams Hacking Attack: Microsoft blames Russia-linked hacker group for Teams phishing attacks – Times of India

Microsoft Teams Hacking Attack: Microsoft blames Russia-linked hacker group for Teams phishing attacks – Times of India

0
Microsoft Teams Hacking Attack: Microsoft blames Russia-linked hacker group for Teams phishing attacks – Times of India

[ad_1]

A hacking group has been targeting several global organisations with a new campaign. With this campaign, attackers are pretending to be from technical support and are stealing login credentials by engaging users in Microsoft Teams chats. According to a report by Reuters, Microsoft researchers have warned that a Russian government-linked hacking group is behind the campaign.

In a blog, researchers have also noted that these “highly targeted” hacking attacks have already affected “fewer than 40 unique global organisations” since May. Microsoft also assured that it is investigating the incident. The report also mentioned that the Russian embassy in the US is yet to respond to a request for comment.
How hackers are targeting users

Researchers discovered that these hackers have created domains and accounts that looked similar to technical support and tried to engage Teams users in chats. These hackers then dissuade these users to approve multifactor authentication (MFA) prompts.
As per the Microsoft blog, the hackers used already-compromised Microsoft 365 accounts owned by small businesses to make new domains. These domains appeared to be technical support entities and had the word “Microsoft” in them. The researchers noted that the accounts linked to these domains sent out phishing messages to bait people via Teams.
MFAs are a security measure designed to prevent hackers from stealing credentials. The hacking group targeting Microsoft’s video conferencing platform, Teams suggests that attackers have discovered new ways to bypass it. The tech giant’s January financial statement claimed that its business communication service Teams has an active user base of over 280 million.

“Microsoft has mitigated the actor from using the domains and continues to investigate this activity and work to remediate the impact of the attack,” the researchers noted.
Midnight Blizzard hacking group
The company has mentioned that the group behind the Teams’ hacking activities has been identified as Midnight Blizzard or APT29. The researchers noted that this hacking group is based in Russia and the UK and US governments have also linked it to the country’s foreign intelligence service.
“The organisations targeted in this activity likely indicate specific espionage objectives by Midnight Blizzard directed at the government, non-government organizations (NGOs), IT services, technology, discrete manufacturing and media sectors,” they said. However, the researchers didn’t name any of the targets.
Earlier, in 2018, Midnight Blizzard reportedly targeted such organisations in the US and Europe.
“This latest attack, combined with past activity, further demonstrates Midnight Blizzard’s ongoing execution of their objectives using both new and common techniques,” the researchers added.



[ad_2]

Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here