Microsoft Discloses Source Code Theft by Russian Hackers Linked to SolarWinds Attack
Earlier this year, Microsoft disclosed that Russian state-sponsored hackers had infiltrated the email accounts of some members of its senior leadership.
Now, the company has revealed that the same group responsible for the SolarWinds attack has stolen source code in an ongoing breach.
According to Microsoft, the group known as “Midnight Blizzard” or Nobelium has been leveraging data extracted from corporate email systems to gain unauthorized access to internal systems and source code repositories. While there is no evidence of compromise in Microsoft’s customer-facing systems, the attackers are attempting to exploit discovered secrets to breach Microsoft and potentially its customers.
The exact nature of the accessed source code remains unclear. However, Microsoft is actively engaging with customers to mitigate risks associated with compromised information shared via email.
Nobelium initially breached Microsoft’s systems through a password spray attack, exploiting a non-production test tenant account lacking two-factor authentication.
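One way to detect the pattern described above, added here as an example and not taken from Microsoft or its tooling: flag a source that fails against many accounts with only a few tries each, then report any later success from that source on an account without MFA. The log fields, thresholds, account names and sample records are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sign-in records: (timestamp, source IP, account, outcome, MFA enrolled)
EVENTS = [
    ("2024-01-10T09:00:05", "198.51.100.7", "alice", "fail", True),
    ("2024-01-10T09:02:11", "198.51.100.7", "bob", "fail", True),
    ("2024-01-10T09:04:40", "198.51.100.7", "carol", "fail", True),
    ("2024-01-10T09:07:02", "198.51.100.7", "dave", "fail", True),
    ("2024-01-10T09:09:30", "198.51.100.7", "erin", "fail", True),
    ("2024-01-10T09:12:18", "198.51.100.7", "test-svc", "success", False),
    # One user mistyping a password: many failures, one account -> not a spray
    ("2024-01-10T09:01:00", "203.0.113.20", "frank", "fail", True),
    ("2024-01-10T09:01:20", "203.0.113.20", "frank", "fail", True),
    ("2024-01-10T09:01:45", "203.0.113.20", "frank", "fail", True),
    ("2024-01-10T09:02:30", "203.0.113.20", "frank", "success", True),
]

def detect_spray(events, window=timedelta(minutes=30), min_accounts=5, max_per_account=2):
    """Map each spraying source IP to the accounts it tried and any no-MFA successes."""
    by_ip = defaultdict(list)
    for ts, ip, account, outcome, mfa in events:
        by_ip[ip].append((datetime.fromisoformat(ts), account, outcome, mfa))
    findings = {}
    for ip, rows in by_ip.items():
        rows.sort(key=lambda r: r[0])
        fails = [(t, a) for t, a, outcome, _ in rows if outcome == "fail"]
        for start, _ in fails:
            # Failures per account inside the window that opens at this failure
            tries = Counter(a for t, a in fails if start <= t < start + window)
            if len(tries) >= min_accounts and max(tries.values()) <= max_per_account:
                # Spray pattern: a later success without MFA is the account to triage first
                hits = sorted({a for t, a, outcome, mfa in rows
                               if outcome == "success" and not mfa and t >= start})
                findings[ip] = {"accounts_tried": len(tries), "no_mfa_success": hits}
                break
    return findings

if __name__ == "__main__":
    for ip, finding in detect_spray(EVENTS).items():
        print(ip, finding)
```

Keying on distinct accounts per source rather than failures per account is what separates a spray from a single user's repeated typos, which per-account lockout thresholds are tuned for.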
To combat the threat, Microsoft has bolstered security measures, enhanced coordination, and invested in monitoring capabilities. The company is committed to implementing additional security controls to safeguard against advanced persistent threats.