Microsoft says an attack by Russian hackers led to the theft of part of the source code, and these attacks are still ongoing. Microsoft had previously said that a Russian hacker group had attempted to spy on the email accounts of some of the company’s top executives.
Microsoft security team wrote in his statement“In recent weeks, we have seen evidence that the Midnight Blizzard group, known as Nobelium, is using or attempting to gain unauthorized access to information they first obtained from our corporate emails, including breaking into some source code repositories and internal systems. will participate.”
It is not yet clear which source code was compromised, but Microsoft warns that the Nobelium group is now trying to use various types of confidential data to further infiltrate Microsoft systems and possibly its customers.
“Some of these secrets were shared between customers and Microsoft via email, and as soon as we find them in our stolen emails, we will contact those customers and help them take appropriate action,” the Redmonds said.
Nobelium group’s first access to Microsoft systems, through an attack Password sprayer It took place last year. In this type of attack, hackers use a huge amount of possible passwords to enter accounts. Microsoft had created a test account without two-factor authentication that allowed Nobelium to access it.
“We have increased our security investments, strengthened our ability to secure and harden our environment against this persistent threat, and will continue to deploy security controls,” the statement reads.
Microsoft has been at the center of severe security attacks in recent years, including the hacking of 30,000 corporate email servers in 2021 due to a flaw in Microsoft’s email exchange server and the penetration of US government emails through a vulnerability in Microsoft’s cloud services that was discovered last year by hackers. Chinese done.
The Redmonds are still investigating Nobelium Group’s recent attacks on their systems, saying, “Our investigations into Midnight Blizzard’s activities are ongoing and findings will be gradually completed and we will share the results.”
