On Friday, Microsoft said Russian government hackers continue to break into its systems using information obtained during a hack last year. This time, Russian hackers called Midnight Blizzard have targeted Microsoft’s source code and other internal systems, the company said.
“Over the past few weeks, we have seen evidence that Midnight Blizzard is using information that was originally compromised from our corporate email systems to gain or attempt to gain unauthorized access. This includes access to some of the company’s source code repositories and internal systems. Microsoft wrote in a blog post.
Microsoft too revealed these new findings in a filing with the US Securities and Exchange Commission on Friday.
This new hack comes after Microsoft disclosed in January that Russian government hackers had breached the company’s systems last November.
At the time, Russian hackers broke into corporate email accounts of “senior leadership and employees in our cybersecurity, legal and other functions.” The goal of the operation, according to Microsoft, was to understand what information Microsoft has about them.
The tech giant said in its latest blog post on Friday that Midnight Blizzard is “trying to use secrets of different types that it has found.”
Contact us
Do you know more about the ongoing Microsoft cyber attack? From a non-working device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382 or via Telegram, Keybase and Wire @lorenzofb or via email. You can also contact TechCrunch via SecureDrop.
The hacking group, also known as APT29 or Cozy Bear, found some of this secret information in emails shared between Microsoft and its customers. And hackers have increased tenfold their efforts to crack accounts — also known as “password spraying” — since the initial attacks, according to Microsoft.
The hackers’ activities show “a sustained, significant commitment” of their “resources, coordination and focus,” according to the company.
“[Midnight Blizzard] it can use the information it has received to gather a picture of areas to attack and enhance its ability to do so,” Microsoft wrote.
Midnight Blizzard is believed to be a group of hackers working for Russia’s Foreign Intelligence Service, known by its Russian initials, SVR. Spies has been one of the most prolific government-backed hacking groups in recent years, compromising high-profile targets such as the Democratic National Committee in 2016, SolarWinds in 2019, and more.
