Share this article

Latest news

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Microsoft cautions customers about phishing attacks by Russian hackers

2 min. read

Published onAugust 16, 2022

published onAugust 16, 2022

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Microsoft recently revealed that they had identified amalicious attack. The attack is closely linked to Russian-based hackers as the objectives behind it seem to favor them. SEABORGIUM hacker group is said to be behind this attack, and Microsoft has further indicated that they are currently investigating the matter while they try to trace their digital footprint in their servers to identify any loopholes that could further subject them to susceptibility.

Microsoft Threat Intelligence Centerhas been closely following the moves the hacker group has been making since 2017 and established a pattern. Through constant impersonation and rapport building with targeted parties, they are able to intrude and access credential information.

Microsoft was able to identify the challenges posed by SEABORGIUM’s infiltration especially in OneDrive thus allowing (Microsoft Threat Intelligence Center) MSTIC with all the necessary information that would allow them to salvage the situation as they already had identified the affected customers.

MSTIC partnered with abuse teams in Microsoft to disable accounts used by the actor for reconnaissance, phishing, and email collection. Microsoft Defender SmartScreen has also implemented detections against the phishing domains represented in SEABORGIUM’s activities.

Here’s an example of how the hacker group sends out emails impersonating the lead of an organization to unsuspecting members with the aim of infiltrating their system.

Microsoft has further discovered a couple of avenues that the hacker group uses among them is including a URL directly to the body of their phishing email, a PDF file attachment that contains a URL, and OneDrive link to a PDF file that contains a URL.

Once a user clicks on the URL, they are automatically redirected to an actor-controlled server hosting a phishing framework which as observed by Microsoft often attempts to bypass automated browsing and detonation by fingerprinting browsing behavior. On the final page, the user is prompted to key in their credentials as the platform mirrors the sign-in page of the organizations. Upon completion, the attackers gain access to your account.

Microsoft has gone ahead and provideddetailed informationhighlighting how their customers can avoid falling victims to these malicious attacks.Microsoft’s digital eventheld yesterday on Microsoft Security and ransomware touched on numerous ways that users can deal with these malicious attacks.

Radu Tyrsina

Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time).

For most of the kids of his age, the Internet was an amazing way to play and communicate with others, but he was deeply impressed by the flow of information and how easily you can find anything on the web.

Prior to founding Windows Report, this particular curiosity about digital content enabled him to grow a number of sites that helped hundreds of millions reach faster the answer they’re looking for.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Radu Tyrsina