Digital Forensic, Research and Analytics Center

Saturday, June 25, 2022
HomeOnline FraudMicrosoft Office 365 customer accounts breached by new hacking group

Microsoft Office 365 customer accounts breached by new hacking group

Published on

Subscribe us

On October 11,2021, Microsoft reported that a new group of hackers have been identified who have been targeting Office 365 tenants and customers. Over 250 tenants and about 20 user accounts have been compromised as of now. 

The attacks seem to be still continuing with more accounts compromised each day. The targets have been identified to be focused on US based entities and Israeli defense companies amongst other companies in the Middle East.

The group has been using the technique of password spraying which means that hackers use the same password over and over again only changing the username each time. The investigation of this attack has been named DEV-0343

How password spraying works

The attacks have usually been taking place with Tor IP addresses and imitating Firefox browser agents. Before the attacks hit however, the group first enumerates active employee accounts of an organization and then starts the spraying of passwords. Enumeration of accounts is done through Autodiscover and Autosync which are servers offered by Exchange. 

Thousands of Tor IP addresses can be used in just one attack. While Microsoft is still investigating the group, the attacks are still taking place and have not slowed down yet. Such frequent attacks might slow down Microsoft’s promise to go passwordless in the future. 

Popular of this week

Latest articles

Fact Check: Did former president Pratibha Patil praise PM Modi?

A post is becoming fiercely viral on social media. It has been claimed in...

Fact Check: Reality behind the picture of PM Modi on TIME magazine.

An image of Prime Minister Narendra Modi is going viral on social media sites....

Fact Check: Samajwadi Party leader blames media for calling Licypriya Kangujam a foreigner

Digital media coordinator of Samajwadi Party Manish Jagan Agarwal had shared a picture of...

Fact Check: Why Amul’s banner went viral on social media? know the reality 

Amul is such a brand in India that every child here knows about Amul....

all time popular

More like this

Gunslinging leading to hate crimes, gang wars in Punjab

Post the killing of singer-turned-politician Sidhu Moosewala in Mansa of Punjab, speculations are ripe...

YONO App: Another Lead to Online Banking Scam

India loses 100 crores, every day to bank fraud as per the RBI in...

 A Report on username changing Accounts on Twitter

People often use usernames for their profiles to own a recognized account on Twitter....

Co-location Scam, The biggest stock market scam in India?

The biggest stock market scam has already taken place or the matter is yet...

Sextortion: A Prevalent Online Scam in India

An elevation of 11% was witnessed in the year 2020 regarding cyber crime. In...

Hacked installed malware detected on website selling nobility titles

The Principality of Sealand is a small island nation in the North Sea and...