On Friday, Microsoft revealed that its systems have once again been targeted by Russian government hackers. This time, the hacking group known as Midnight Blizzard has obtained access to the tech giant’s source code and other internal systems.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems,” Microsoft wrote in a blog post.
In addition to this blog post, Microsoft also filed a report with the U.S. Securities and Exchange Commission to disclose these new developments.
The initial attack by Midnight Blizzard happened last November, as Microsoft announced in January of this year. The hackers were able to access corporate email accounts of high-level employees in cybersecurity, legal, and other departments. According to Microsoft, the motive behind the attack was to gather information on the company’s knowledge of the group.
In its latest blog post, Microsoft stated that Midnight Blizzard has been “attempting to use secrets of different types it has found.” This includes information obtained from emails shared between Microsoft and its customers. The hackers have also ramped up their brute force attempts to access accounts, known as “password spraying.” In fact, according to Microsoft, the number of attempts has increased tenfold since the initial attacks.
If you have any information about the ongoing Microsoft cyberattack, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire “@lorenzofb,” or email. You can also contact TechCrunch via SecureDrop.
Microsoft has stated that these actions by Midnight Blizzard show a significant and sustained commitment of their resources, coordination, and focus. The company also believes that the group may be using the gathered information to plan future attacks.
Midnight Blizzard is considered to be working for Russia’s Foreign Intelligence Service, known as SVR. This group has been responsible for numerous high-profile attacks in recent years, such as the Democratic National Committee in 2016 and SolarWinds in 2019.