Microsoft discovers 40 customers targeted in massive hack campaign

Microsoft says it’s identified 40 customers victimized in a massive hacking campaign linked to Russia.

Graphic by Pixabay/Illustration by CNET

Microsoft says it has identified more than 40 customers that were specifically targeted by in a massive hacking campaign linked to Russia this week.

The software giant said in a company blog post Thursday that 80% of those customers are in the US, while the others are located in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.

“It’s certain that the number and location of victims will keep growing,” Microsoft chief counsel Brad Smith wrote in the post, adding that Microsoft’s investigations have found the attack to be ongoing and “remarkable for its scope, sophistication and impact.” The list of targets includes government agencies as well as  security and other technology firms and non-governmental organizations.

Revelations emerged this week that several US government agencies had been breached in a suspected Russian hack enabled by a back door built into software from Austin-based IT firm SolarWinds. The malware was delivered on the company’s Orion, which is installed by more than 17,000 customers, Smith wrote, adding that the attacked reached “many major national capitals outside Russia” and “illustrates the heightened level of vulnerability in the United States.”

Earlier Thursday, Microsoft said it systems were exposed to the attack as well. Microsoft found malicious code related to the attack “in our environment, which we isolated and removed,” spokesman Frank Shaw said in a statement posted to his personal Twitter account.

Shaw also denied a Reuters report Thursday that Microsoft’s systems had been used to attack other victims.

“We have not found evidence of access to production services or customer data,” Shaw wrote. “Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.”

News of the massive campaign broke over the weekend with the revelation that hackers supported by a foreign government have been monitoring email at the US Treasury and Commerce departments. The hack was spotted a few weeks ago “only when a private cybersecurity firm, FireEye, alerted American intelligence that the hackers had evaded layers of defenses,” according to The New York Times.

The access point was apparently SolarWinds’ Orion network management software. Once hackers added a backdoor to the Orion code, the “software connected to a server controlled by the hackers that allowed them to launch further attacks against the SolarWinds customer and to steal data,” the Wall Street Journal reported earlier this week.

CNET’s Eli Blumenthal contributed to this report.

Source by [author_name]

Leave a reply

Please enter your comment!
Please enter your name here

Most Popular

Delhi’s fightback story: Active Covid cases down 94% in 10 weeks – ET HealthWorld

NEW DELHI: On November 14, 2020, when the capital was battling its third and deadliest Covid wave, 7,340 new cases and a positivity rate...

Nitish seeks help from Bihari diaspora for state’s industrial growth

Mr. Kumar made an advertisement to this effect late on Saturday while taking part in a webinar organized by BJANA (Bihar- Jharkhand Association...

Salman Khan exempted from appearing in court regarding the blackbuck poaching case : Bollywood News – Bollywood Hungama

Salman Khan had been accused of hunting for blackbucks during the shoot of Hum Saath Saath Hain, back in 1998....

Coronavirus live updates | Travel agents’ body seeks guidelines for travellers who have taken COVID-19 jab

After a review of the first day of the COVID-19 vaccination drive, the Health Ministry on Saturday evening said 1,65,714 people were vaccinated...

Recent Comments