Corporate emails and part of Microsoft’s source code fell into the hands of Russian hackers.
Microsoft says that an attack by Russian hackers led to the theft of part of the source code, and these attacks are still ongoing. Microsoft had previously said that a Russian hacker group had attempted to spy on the email accounts of some of the company’s top managers.
In a statement, Microsoft’s security team wrote: “In recent weeks, we have seen evidence that the Midnight Blizzard group, known as Nobelium, is using or attempting to gain unauthorized access to information it first obtained from our corporate emails, including hacking into Some of the company’s source code repositories and internal systems.
It is not yet clear which source code was compromised, but Microsoft warns that the Nobelium group is now trying to use various types of confidential data to further infiltrate Microsoft systems and possibly the company’s customers.
“Some of these secrets were shared between customers and Microsoft via email, and as soon as we find them in our stolen emails, we will contact those customers and help them take appropriate action,” the Redmonds said.
The Nobelium group first gained access to Microsoft systems through a password spray attack last year. In this type of attack, hackers use a huge amount of possible passwords to enter accounts. Microsoft had created a test account without two-factor authentication that allowed Nobelium to access it.
“We have increased our security investments, strengthened our ability to secure and harden our environment against this persistent threat, and will continue to deploy security controls,” the statement read in another part of the statement.
Microsoft has been at the center of severe security attacks in recent years, including the hacking of 30,000 corporate email servers in 2021 due to a flaw in Microsoft’s email exchange server and the penetration of US government emails through a vulnerability in Microsoft’s cloud services that was discovered last year by hackers. Chinese done.
The Redmonds are still investigating Nobelium Group’s recent attacks on their systems, saying, “Our investigations into Midnight Blizzard’s activities are ongoing and the findings will be completed gradually and we will share the results.”
