Microsoft is not done with Midnight Blizzard hackers


The Redmond giant is still struggling against the Midnight Blizzard hackers. The company has just admitted in a blog post to new attacks in recent weeks. The hackers are using previously stolen information to gain, or attempt to gain, unauthorized access to source code repositories and internal systems, it says.

These intrusions are again attributed to the Midnight Blizzard hackers. The convoluted wording of the press release suggests that some of the hacking attempts did succeed. The company nevertheless gives this assurance: “to date, we have found no evidence that systems hosted by Microsoft intended for customers have been compromised”.

Affiliated with the SVR

In itself, this is not a surprise. Hackers, and large state-backed groups even more so, rarely stop at a first successful attack. In January, Microsoft explained that it had been spied on by Midnight Blizzard.

At the end of November, these hackers managed to gain a foothold in the sensitive emails of Microsoft executives, including members of the management team.

Also known as Nobelium, the group is believed to be affiliated with the Russian Federation’s foreign intelligence service (SVR). According to the United States and the United Kingdom, these hackers were already behind the hacking of SolarWinds, a textbook case of a supply-chain attack.

Reconnaissance operations?

In Microsoft's view, this new series of attacks reflects a “sustained and significant commitment”. Microsoft therefore suggests that the attackers are stepping up their efforts. The company notably mentions a tenfold increase in one of the methods used, the “password spraying” technique, a variation of the brute-force attack.

These attacks could be intended as reconnaissance for future actions, the company speculates. That could give the hacking a different scale, beyond the strict scope of Microsoft. The hackers were indeed able to gain access to exchanges between the company and its customers, and perhaps even to valuable authentication tokens.

“We have contacted these customers and are helping them take mitigation measures,” said the company. Microsoft also told the American stock market watchdog that it had increased its investments in security to deal with this advanced threat.


