A Russian hacker group called Midnight Blizzard has access to Microsoft’s source code and is using it to access its internal system.
The hack was first discovered in January and despite all efforts, it’s still ongoing.
The Russian embassy in Washington has yet to comment on the Russian government’s alleged involvement.
Some of Microsoft’s core systems have been attacked by a hacker group backed by Russia. The hack first came to light in January, but according to the latest update released by the company on Friday, the problem not only persists but seems to be bigger than what they had imagined.
During the first hack, the Russian hacking group breached senior management’s email accounts, which are now giving it access to Microsoft’s internal systems, source code, and repositories.
The reason this attack is so concerning is that source code is the fundamental building block of software – the part that makes it function. So, anyone with access to the source code can attack the system again and again.
Another huge concern is that Microsoft is one of the largest tech companies – around mid-January, Microsoft was the most valued public company. Its products power countless small, mid-sized, and even large businesses – and even the US government uses Microsoft services. So, a vulnerability in its core system is a risk for everyone associated with Microsoft.
Combined with the fact that Microsoft Azure was hit with the largest data breach in its history just a couple of weeks ago, Microsoft is undoubtedly right in the firing line as far as user privacy and data security are concerned, leaving a day-to-day customer’s trust in the company in shambles.
Who Is Behind The Attack and Why Are They Attacking?
Microsoft has identified the hacker group to be Midnight Blizzard, also known as Nobelium, and apparently, it’s backed by the Russian government.
Microsoft said in a blog addressing the issue: “In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access.”
The Russian embassy in Washington has not commented on any of the aforementioned allegations.
The same hacker group is also believed to be behind the attack on another big tech company, Hewlett Packard Enterprise, whose cloud-based email systems were breached.
Not only that, but it was also the one that hacked countless US agency email systems through software made by SolarWinds (a US-based contractor) in 2020. By the time the vulnerability was discovered, it already had access to several small email accounts associated with Homeland Security and Justice as well as a few other agencies.
Back then, US officials labeled the group’s activity as a part of Russia’s intelligence service. However, just as always, the rumors were denied by the Russian government.
Although the exact reason for the attacks is up for speculation, some experts believe that it’s an attempt to dig out intel about the campaigns supporting the Kremlin.
Jerome Segura, the chief threat researcher at Malwarebytes’ Threatdown Labs, believes that Microsoft was attacked simply because of its client list. As I pointed out before, Microsoft powers several businesses and even a handful of government agencies, making the tech giant a lucrative target.
Thankfully, there have been no reports of customer-facing systems being compromised, but the danger looms large. According to the company, the group has found some “secrets” that they might use to hurt Microsoft customers in the near future.
The worst part is that the attack is still active despite Microsoft having discovered it and trying to fight back. This highlights the aggressive nature of this hacker group – that they are not afraid of being discovered.
Copyright for syndicated content belongs to the linked Source : TechReport – https://techreport.com/news/russia-backed-hacker-group-continues-exploiting-microsoft-internal-systems/