Article 6K6T0 Microsoft says Kremlin-backed hackers accessed its source and internal systems

Microsoft says Kremlin-backed hackers accessed its source and internal systems

by
Dan Goodin
from Ars Technica - All content on (#6K6T0)
microsoft-800x534.jpg

Enlarge (credit: Getty Images)

Microsoft said that Kremlin-backed hackers who breached its corporate network in January have expanded their access since then in follow-on attacks that are targeting customers and have compromised the company's source code and internal systems.

The intrusion, which the software company disclosed in January, was carried out by Midnight Blizzard, the name used to track a hacking group widely attributed to the Federal Security Service, a Russian intelligence agency. Microsoft said at the time that Midnight Blizzard gained access to senior executives' email accounts for months after first exploiting a weak password in a test device connected to the company's network. Microsoft went on to say it had no indication any of its source code or production systems had been compromised.

Secrets sent in email

In an update published Friday, Microsoft said it uncovered evidence that Midnight Blizzard had used the information it gained initially to further push into its network and compromise both source code and internal systems. The hacking group-which is tracked under multiple other names, including APT29, Cozy Bear, CozyDuke, The Dukes, Dark Halo, and Nobelium-has been using the proprietary information in follow-on attacks, not only against Microsoft but also its customers.

Read 7 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments