Microsoft has recently disclosed that Russian state-sponsored hackers, previously detected spying on senior leadership’s email accounts, have also managed to steal source code (via The Verge).
This revelation comes following an ongoing attack orchestrated by the same group responsible for the SolarWinds breach.
In a blog post, Microsoft elaborated that the hacking group, known as “Midnight Blizzard” or Nobelium, has utilized information extracted from corporate email systems to gain unauthorized access to some source code repositories and internal systems.
While the company reassures customers that its customer-facing systems remain uncompromised, the exact nature of the stolen source code remains undisclosed.
Nevertheless, Microsoft warns that the hackers are endeavoring to exploit various types of secrets they’ve obtained to further infiltrate Microsoft’s infrastructure and potentially compromise its customers.
Nobelium initially breached Microsoft’s systems through a password spray attack last year, exploiting a non-production test tenant account lacking two-factor authentication.
Microsoft has responded by bolstering its security investments, coordination, and fortifications across the enterprise to defend against this persistent threat. The company continues to implement enhanced security measures, detections, and monitoring.
The latest attack on Microsoft follows closely on the heels of the company’s announcement to revamp its software security protocols after significant Azure cloud attacks.
Microsoft has been targeted in several high-profile security breaches in recent years, including the compromise of 30,000 organizations’ email servers in 2021 due to a Microsoft Exchange Server flaw and Chinese hackers breaching US government emails through a Microsoft cloud exploit in the previous year.
