Security Hidden Cyber Security Laboratory has detected a new digital threat that occupies Microsoft 365 corporate accounts to steal companies from companies. Although the case poses a high risk, it includes a large botnet and delayed input systems that are still used by several companies.
The case was announced in a report that includes details of the attack that still requires attention from companies that are still ongoing and using Microsoft services, but providing old -fashioned and insecure ways. The full document can be accessed here.
Responsible for making large -scale invasions A botnet consisting of 130,000 stable devices and under the control of bandits. This “zombie network” can make collective access by a high amount of device and help mask the origin of the attack.
https://www.youtube.com/watch?v=etwmegsfvg
So far, no group has claimed the writing of the attack, but researchers suspect Chinese cyber criminals who set up a botnet of US devices.
How is the attack
Botnet’s attack begins while trying to access Microsoft 365 user accounts, the network’s online service package. This is made of identity information that has previously been leaked or stolen from other profiles and waits for the victim to repeat the same password in several accounts. This invasion method is called in the password spraying area (or Password spray in the original term).
With the password at hand, cyber criminals try to overcome Microsoft’s identity. This was done Using access methods such as basic identity authentication, it is still insecure or older accountsThis is the classic login with the user name and password that stores for future access.
Since such an input is very little monitored by safety systems, the invader reaches the account without producing fuss. As a corporate profile, the plan includes playing sensitive information from companies (either to market or forcing the company) and searching for new victims in the same digital environment.
Microsoft’s basic authentication ended last year for Outlook customers, but still in the process of stopping in Microsoft 365.
Source: Tec Mundo
I am a passionate and hardworking journalist with an eye for detail. I specialize in the field of news reporting, and have been writing for Gadget Onus, a renowned online news site, since 2019. As the author of their Hot News section, I’m proud to be at the forefront of today’s headlines and current affairs.
