Microsoft announced Friday that Russian government hackers continue to infiltrate its systems using information obtained in last year's hack. This time, Russian hackers known as “Midnight Blizzard” targeted Microsoft's source code and other internal systems, the company announced.
“In recent weeks, we have seen evidence that Midnight Blizzard is gaining or attempting to gain unauthorized access using information originally leaked from our corporate email systems. This includes access to source code repositories and some internal systems,” Microsoft wrote in a blog post.
Microsoft also disclosed these new findings in a filing with the U.S. Securities and Exchange Commission on Friday.
This new intrusion comes after Microsoft revealed in January that Russian government hackers had breached its systems last November.
At the time, Russian hackers breached the corporate email accounts of “senior leadership teams and employees in our cybersecurity, legal, and other departments.” According to Microsoft, the purpose of the operation was to understand what information Microsoft had about them.
The tech giant said in its latest blog post on Friday that Midnight Blizzard is “looking to take advantage of the different types of secrets we discover.”
Contact Us Do you want to know more about the ongoing Microsoft cyberattack? Contact Lorenzo Franceschi-Bicchierai securely from your non-work device on Signal (+1 917 257 1382) or on Telegram, Keybase and Wire @lorenzofb, or by email You can contact me. You can also contact TechCrunch via SecureDrop.
The hacker group, also known as APT29 or Cozy Bear, discovered some of its sensitive information in emails shared between Microsoft and its customers. And Microsoft says hackers have increased their attempts to brute-force accounts (also known as “password spray”) tenfold since the first attack.
The company said the hackers' activities demonstrate a “continued and significant commitment” of their “resources, coordination and focus.”
“[Midnight Blizzard] “It may use the information it obtains to build up a complete picture of its attack surface and enhance its capabilities,” Microsoft wrote.
Midnight Blizzard is believed to be a hacker group affiliated with the Russian Foreign Intelligence Service, known by its Russian initials SVR. The spy has been one of the most prolific government-backed hacking groups in recent years, infiltrating high-profile targets such as the Democratic National Committee in 2016 and his 2019 attack on SolarWinds. I am.