Security News > 2020 > July > Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks
Microsoft has seized several domains associated with a massive hacking campaign, which has targeted Office 365 accounts with phishing and business email compromise emails.
A recent court order issued by U.S. District Court for the Eastern District of Virginia allowed the tech company to disable the domains associated with the email attacks and disband the campaign: "Our civil case has resulted in a court order allowing Microsoft to seize control of key domains in the criminals' infrastructure so that it can no longer be used to execute cyberattacks," according to Tom Burt, corporate vice president, Customer Security and Trust, in a Tuesday post.
In more recent, renewed phishing attacks the emails contained phishing themes leveraging the ongoing coronavirus pandemic - a commonly used lure for email scams, malware attacks and other malicious activities since March.
The campaign, targeting Office 365 users, sent an email that includes a link to register to the training: "COVID-19 Training for Employees: A Certificate for Health Workplaces."
After clicking through the consent prompt for the malicious web app, cybercriminals then received permission to access and control the victims' Office 365 account contents, including email, contacts, notes and material stored in the victims' OneDrive for Business cloud storage space and corporate SharePoint document management and storage system.
News URL
https://threatpost.com/microsoft-seizes-domains-office-365-phishing-scam/157261/
Related news
- Microsoft discloses Office zero-day, still working on a patch (source)
- Microsoft discloses unpatched Office flaw that exposes NTLM hashes (source)
- Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft Office 2024 to disable ActiveX controls by default (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft rolls out Office LTSC 2024 for Windows and Mac (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)