By Alex Omenye
Microsoft revealed on Friday that the Russian state-sponsored hacking group known as Midnight Blizzard, linked to Russian intelligence, is attempting to breach its systems again.
The group had previously targeted Microsoft in January, attempting to infiltrate a small percentage of corporate email accounts, including senior leadership, cybersecurity, legal, and other functions.
The current disclosure indicates that Midnight Blizzard, also known as Nobelium, is persistently using information stolen during the earlier breach to gain unauthorized access to Microsoft’s systems.
According to Microsoft, the hackers are utilizing exfiltrated data, including source code repositories and internal systems, to facilitate their current efforts.
The company acknowledged that Midnight Blizzard is leveraging various secrets obtained from exfiltrated emails and is reaching out to affected customers to assist them in implementing mitigating measures.
While Microsoft did not disclose the names of the impacted customers, it emphasized the hackers’ increased aggressiveness and a tenfold rise in their use of “password sprays,” a technique where the same password is applied across multiple accounts in an attempt to gain unauthorized access.
The Russian embassy in Washington has not responded to Microsoft’s recent statement or previous notifications about Midnight Blizzard’s activities.
