Members of the hacking group posed as tech support to gain access to users’ personal details

Scarlett Evans, Assistant Editor, IoT World Today

August 3, 2023

1 Min Read
The hackers posed as Microsoft Teams tech support staff

Microsoft has identified the Russian hacking group Midnight Blizzard as the perpetrator behind a recent cyberattack.

According to a post on Microsoft’s website, Midnight Blizzard members posed as Microsoft Teams tech support staff to steal log-in credentials for just under 40 organizations, in what the company said was a “highly targeted” attack.

The attack, which was launched in May, targeted government and non-government organizations, as well as IT services, technology and media sectors, the Microsoft team said. 

To gain access to users’ information, the hackers approached customers with messages requesting approval for multi-factor authentication, which were then used to extract personal information.

Midnight Blizzard, also known as APT29 or Cozy Bear, was previously linked to the 2020 SolarWinds attack, which saw thousands of organizations impacted by a breach of the network management system Orion.

"This latest attack, combined with past activity, further demonstrates Midnight Blizzard's ongoing execution of their objectives using both new and common techniques," Microsoft said. "Microsoft has mitigated the actor from using the domains and continues to investigate this activity and work to remediate the impact of the attack."

The news comes one month after Chinese hackers infiltrated U.S. government emails using a flaw in Microsoft’s cloud email service.

Related:Microsoft Expands Free Security Tools, Following Backlash

Microsoft has expanded its free security services as a result. In a blog post, the company said the decision was a “response to the increasing frequency and evolution of nation-state cyberthreats.”

About the Author(s)

Scarlett Evans

Assistant Editor, IoT World Today

Scarlett Evans is the assistant editor for IoT World Today, with a particular focus on robotics and smart city technologies. Scarlett has previous experience in minerals and resources with Mine Australia, Mine Technology and Power Technology. She joined Informa in April 2022.

Sign Up for the Newsletter
The most up-to-date news and insights into the latest emerging technologies ... delivered right to your inbox!

You May Also Like