Wouldn't you like to know what the tech giants know about you? That's exactly what Russian government hackers want too.
On Friday, Microsoft revealed that the hacking group it calls Midnight Blizzard, also known as APT29 or Cozy Bear, and widely believed to be sponsored by the Russian government, hacked some corporate email accounts, including those of the company's “senior leadership team and employees of our legal, cybersecurity and other functions.”
Interestingly, the hackers did not seek customer data or the traditional corporate information they would normally have sought. They wanted to know more about themselves, or more specifically, they wanted to know what Microsoft knows about them, according to the company.
“The investigation indicates that they initially searched email accounts for information related to Midnight Blizzard,” the company wrote in a blog post and SEC disclosure.
According to Microsoft, the hackers used a “password spraying attack” (essentially brute force) against a legacy account and then used that account's permissions to “access a very small percentage of Microsoft corporate email accounts.”
Microsoft did not disclose how many email accounts were breached, or exactly what information the hackers accessed or stole.
Company spokespersons did not immediately respond to a request for comment.
Microsoft took advantage of the news of this hack to talk about how they are going to move forward to become more secure.
“For Microsoft, this incident has highlighted the urgent need to act even faster. We will act immediately to apply our current security standards to legacy systems and internal business processes owned by Microsoft, even when these changes may cause disruptions to existing business processes,” the company wrote. “This will likely cause some level of disruption as we adapt to this new reality, but this is a necessary step, and only the first of many we will take to adopt this philosophy.”
APT29 or Cozy Bear is widely believed to be a Russian hacking group responsible for a number of high-profile attacks, such as those against SolarWinds in 2019, the Democratic National Committee in 2015, and many more.