Russian Computer Hackers Stole Microsoft Source Code

Russian Computer Hackers Stole Microsoft Source Code

Microsoft has announced that a notorious hacker group supported by the Russian government, known as Midnight Blizzard (also known as APT29 or Cosy Bear), managed to gain access to some source code repositories and internal systems following a hack that emerged in January 2024.

Today, the company announced that the attack is ongoing. In a blog post, the company stated, “In recent weeks, we have seen evidence that Midnight Blizzard has used information initially leaked from our corporate email systems to gain unauthorized access or attempt to access it.”

Nobelium is responsible for the complex supply chain attack in 2020 known as the SolarWinds attack, which put thousands of organizations at risk, including major U.S. government agencies such as the Departments of Homeland Security, Defense, Justice, and Treasury.

It was said that the state-sponsored threat actor was trying to take advantage of different types of secrets found, including those shared via email between customers and Microsoft. However, the company did not disclose what these secrets were or the extent of the compromise, but it stated that it reached out directly to affected customers. It is not clear which source code was accessed.

According to Microsoft, there is no indication that its systems have been breached targeting customers.

“This includes access to some source code repositories and internal systems. To date, we have found no evidence that systems targeting Microsoft-hosted customers have been compromised.”

Microsoft said it had increased its security investments and noted that the attacker had increased the “already large volume” of password spray attacks observed in January by up to 10 times in February.

@hackdra Cybersecurity

Hackdra was founded in 2019 by of the sector Pioneer cyber defense experts determined to save the internet from cyber deteriorations. By combining his passion for security with the high-level artificial intelligence technology he developed, he earned the title of the industry’s “first and only Dynamic Artificial Intelligence-based cybersecurity company”. By developing innovative methods for security risks that traditional methods cannot prevent, it has gave direction the understanding of security in the sector and has made a name for itself in the world cyber security configurations.

Related Posts