Facebook Instagram Linkedin Twitter
  • Home
  • Android
  • Apple
  • Apps
  • Cyber Attacks
  • Hacking
  • Malware
  • Reviews
  • Tech
Search
h4ckers-news DISCOVER THE ART OF PUBLISHING
  • Home
  • Android
  • Apple
  • Apps
  • Cyber Attacks
  • Hacking
  • Malware
  • Reviews
  • Tech
Home Hacking Chinese Hack of Microsoft Key Stemmed from Engineer’s Account
  • Hacking

Chinese Hack of Microsoft Key Stemmed from Engineer’s Account

September 7, 2023
0
62
Facebook
WhatsApp
Linkedin
Copy URL

    [ad_1]

    Storm-0558, a threat actor based in China, has recently gained access to a Microsoft account consumer key. This has allowed them to infiltrate and compromise 25 organizations, including those within government agencies.

    Since May 15, 2023, they have been using fake tokens to access emails for espionage.

    On July 11, 2023, Microsoft implemented a block on the campaign of Storm-0558 while ensuring that other environments were not affected.

    U.S. Commerce Secretary Gina Raimondo and other high-profile individuals may have had their private emails accessed by hackers.

    Investigation from Microsoft

    After categorizing the threat actor group, Microsoft initiated an inquiry into the methods employed by the threat actors to obtain the Microsoft account consumer signing key and how it was utilized to gain entry into enterprise email systems.

    In their investigation, the company determined a consumer signing system crash in April of 2021, which led to the creation of a snapshot of the crashed process.

    At the time of occurrence, it was not within Microsoft’s knowledge that the crash dump contained the aforementioned key material.

    Then, the crash dump was found to be moved to the debugging environment on the internet-connected corporate network, believing the key was not included.

    Microsoft believes the key was leaked from the crash dump in the corporate environment by successfully compromising a Microsoft engineer’s corporate account.

    “Due to log retention policies, we don’t have logs with specific evidence of this exfiltration by this actor, but this was the most probable mechanism by which the actor acquired the key.”

    Microsoft has reported that the problems mentioned above have been resolved, and an improved credential scanning technology has been implemented to identify the signing key’s existence more accurately.

    The Chinese Embassy, situated in Washington, D.C., did not respond to an email sent. The government of China has dismissed the accusation of stealing emails belonging to high-ranking officials in the United States as “unfounded.”

    Organizations must take proactive measures to ensure the security of their accounts and data, especially in light of such threats.

    Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.



    [ad_2]

    Source link

    • TAGS
    • account
    • Chinese
    • engineers
    • Hack
    • Key
    • Microsoft
    • Stemmed
    Facebook
    WhatsApp
    Linkedin
    Copy URL
      Previous articleTitanium frame, 45W charging & more
      Next articleSpotify is testing a lyrics paywall: pay to sing along!
      andreasc
      • About Us
      • Privacy Policy
      • Contact Us
      © Newspaper WordPress Theme by TagDiv