Chinese hackers accessed US govt emails by exploiting bug: Microsoft

M

icrosoft has revealed that Chinese hackers have exploited a flaw in its cloud email service to gain access to email accounts affecting approximately 25 organisations including government agencies as well as related consumer accounts of individuals likely associated with these organisations. 

The tech giant has published details of activity by a China-based actor it is tracking as Storm-0558.

We have been working with the impacted customers and notifying them prior to going public with further details. At this stage -- and in coordination with customers -- we are sharing the details of the incident and threat actor to benefit the industry, said Charlie Bell, Executive Vice President, Microsoft Security.

This China-based hacking group is focused on espionage, such as gaining access to email systems for intelligence collection. This type of espionage-motivated adversary seeks to abuse credentials and gain access to data residing in sensitive systems.

Our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email data from approximately 25 organizations, and a small number of related consumer accounts of individuals likely associated with these organizations, the company said in its latest blog post.

They did this by using forged authentication tokens to access user email using an acquired Microsoft account consumer signing key. Microsoft said it has completed mitigation of this attack for all customers.

✔️ Chinese hackers accessed US govt emails by exploiting bug: Microsoft

📝 Post your comments

💕 Found this article helpful? Spread the word and support us!