Microsoft Claims Russian Hackers Gained Access to its Source Code via Email Breach

"To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised."

Muhammad QasimPublished on March 8, 2024
Muhammad Qasim is a certified Google IT Support Professional.
Microsoft's internal systems have been compromised by a Russian hacking group, Nobelium

Microsoft has revealed that the Russian state-sponsored hacking group, Nobelium, has gained access to a few of its corporate email accounts and has used them to attempt to gain access to the company’s source code repositories and internal systems.

Earlier this year, on January 19th, Microsoft published a blog post revealing that the hacking group Midnight Blizzard (Nobelium), backed by the Russian government, had breached one of the company’s legacy internal testing accounts.

Midnight Blizzard Reportedly Brute-Forced its Way into One of the Company’s Legacy Test Account

Microsoft claims that its internal systems were not found to be vulnerable, but the breach resulted from the hackers using a “spray attack” technique, essentially brute-forcing their way through a list of usernames and using an array of possible password combinations with them. Since the breached account did not have 2FA enabled, the hackers were able to easily gain access.

Once Nobelium gained access to one of Microsoft’s accounts, it used its permissions to attempt to infiltrate corporate accounts, specifically targeting Microsoft’s senior leadership. This was allegedly because “they were initially targeting email accounts for information related to Midnight Blizzard itself.

Now, the group has shared some of its findings and secrets with Microsoft itself and its customers. According to Microsoft, Midnight Blizzard, or Nobelium, has also increased the frequency of its spray attacks by as much as tenfold this month compared to January 2024.

Microsoft has recently fallen victim to numerous cyberattacks. Just three years ago, in April 2021, several US organizations’ emails were hacked as part of a Microsoft Cloud exploit. This year as well, the Nobelium attacks have been reported for over four months now, and Microsoft warns that the hackers will use the obtained information “to accumulate a picture of areas to attack and enhance its ability to do so.

This is all we know for now, but rest assured that we will keep you updated as new information becomes available.

via: Microsoft

Tags
Muhammad QasimPublished on March 8, 2024
Muhammad Qasim is a certified Google IT Support Professional.
ABOUT THE AUTHOR
Photo of Muhammad Qasim

Muhammad Qasim


Qasim's deep love for technology and gaming drives him to not only stay up-to-date on the latest developments but also to share his informed perspectives with others through his writing. Whether through this or other endeavors, he is committed to sharing his expertise and making a meaningful contribution to the world of tech and gaming.