Since the start of hostilities in Ukraine, cyber attacks by Russian hackers have become more active. In one of the most serious cyber incidents of recent times, hackers supported by the Russian government have impersonated Microsoft Teams technical support staff in order to spy on and collect sensitive information about dozens of global organizations, including national agencies.
A few days ago, Microsoft security researchers reported a “highly targeted” social engineering campaign by a Russian state-sponsored hacking group, more commonly known as “APT29” or “Cozy Bear”. US and British law enforcement agencies have indicated that this hacker group is part of Russia’s Foreign Intelligence Service.
In the cyberattacks that began at the end of May, these hackers used previously compromised Microsoft 365 accounts to create new domains related to the technical support area. Using them, hackers sent Microsoft Teams users messages that were designed to trick users into accepting multi-factor authentication prompts. The ultimate goal of the hackers was to gain access to user accounts and obtain sensitive information in this way.
During its investigation, Microsoft has discovered that cyberattacks targeted less than 40 global organizations, including government agencies, non-governmental organizations, IT service providers, technology, manufacturing, and media companies.
2023-08-05 08:00:00
#Microsoft #Teams #Russian #hackers #spy #global #organizations