Microsoft claims Russian hackers stole source code after snooping on company executives

Microsoft disclosed earlier this year that Russian state-backed hackers had monitored the email accounts of some members of its senior management team. Now Microsoft has revealed that the attack, which also stole some source code, came from the same group behind the SolarWinds attack, which Microsoft describes as an ongoing attack. "Over the past few weeks, we have seen evidence that Midnight Blizzard [Nobelium] is using information originally leaked from our corporate email systems to gain or attempt to gain unauthorized access," Microsoft explained in a blog post. “This includes access to some of the company's source code repositories and internal systems. So far, we have not found evidence that Microsoft HOST customer systems are at risk. "

It is not clear which source code is available, but Microsoft warns that Nobelium group or "midnight blizzard", as referred to in Microsoft, is now trying to use "different types of secrets it has found" for "future gigants and potentially in its customers in the area" These secrets were divided between customers and Microsoft E -Past, and when we discover them in our former filtered E -Paine, we have been and communicate with these customers to help them take measures to reduce measures, "says Microsoft in the area "Across Microsoft, we've increased our investment in security, coordination and mobilization across the enterprise, and our ability to protect ourselves and protect and harden our environment against these advanced persistent threats," Microsoft said, "We've increased our ability to defend and protect ourselves. and harden our environment against these progressive persistent threats." Further enhanced security controls, detection and monitoring will also be implemented."

The attack on Microsoft initially came days after the company announced plans to review software security following a serious attack on the Azure cloud. Microsoft has been at the center of several high-profile security attacks in recent years, including 30,000 corporate email servers compromised in 2021 due to a Microsoft Exchange server flaw, and Chinese hackers exploiting a Microsoft cloud computing vulnerability to breach the US government last year. for e-mails.

Microsoft is still investigating Nobelium's latest attack on its systems. "Our active investigation into Midnight Blizzard activity is ongoing and our findings will continue to evolve," Microsoft said. "We remain committed to sharing what we learn."