Topics
late
AI
Amazon
Image Credits:Chesnot/Getty Images / Getty Images
Apps
Biotech & Health
clime
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
Fundraising
gadget
stake
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
security department
societal
blank space
Startups
TikTok
Transportation
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
get hold of Us
On Friday , Microsoft revealed that it had been the victim of a nag carry out by Russian government spy . Now , a workweek later , the technology giant pronounce that it was not the only target of the espionage cognitive operation .
In a new web log post , Microsoft say that “ the same player has been targeting other system and , as part of our usual notification outgrowth , we have start notifying these targeted organizations . ”
At this percentage point , it ’s unclear how many organizations the Russian - backed hackers point .
When asked by TechCrunch to provide a specific number of victim it has send word so far , a Microsoft representative declined to notice .
Microsoft identified the hacker as the mathematical group it callsMidnight Blizzard . This group is wide believed to be working for Russia ’s Foreign Intelligence Service , or SVR . Other security system companies call the groupAPT29 and Cozy Bear .
Microsoft say it detected the invasion on January 12 , and then make that the hacking military campaign started in belated November , when the hackers used a “ password spray attack ” on a bequest system that did not have multi - factor authentication enabled . Password spray is when hackersattempt to brute - force access code to accountsusing commonly used watchword , or a enceinte tilt of passwords from preceding data breaches .
“ The doer tailor their password spray attacks to a special number of accounts , using a low number of endeavor to evade detection and head off account blocks based on the volume of failures , ” Microsoft write in its latest web log post . “ The threat actor further reduce the likelihood of discovery by launching these attacks from a parcel out residential placeholder base . These evasion technique help see the actor obfuscated their activity and could persist the attack over time until successful . ”
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
Once the Russian - back hacker gained approach to an write up on that legacy system , they “ used the account ’s permissions to access a very little part of Microsoft corporate email accounts , ” agree to Microsoft , which has not yet specified how many email accounts were compromised .
Microsoft , however , said that the hack specifically targeted the company ’s older executives , as well as multitude who work in cybersecurity , effectual , and other departments . The hackers were able to slip “ some electronic mail and attach documents . ”
Curiously , the hackers were interested in finding out selective information about themselves , specifically what Microsoft know about them , the fellowship say .
On Thursday , Hewlett Packard Enterprise ( HPE ) disclosed thatits Microsoft - hosted email system was hack by Midnight Blizzard . HPE enounce it was notified of the breach — without read by whom — on December 12 . The fellowship said that agree to its own investigation , the hackers “ access and exfiltrated datum ” from a “ small percentage ” of HPE mailboxes starting in May 2023 .
It ’s undecipherable how , or if , this breach is link up to the hackers ’ espionage safari targeting Microsoft , as HPE say its incident was get in touch to an early intrusion where the same hackers exfiltrated “ a limited number of SharePoint file ” from its internet .
“ We do n’t have the details of the incident that Microsoft experienced and bring out last week , so we ’re ineffectual to connect the two at this meter , ” HPE spokesperson Adam R. Bauer told TechCrunch .
update with Microsoft worsen to comment .
