Security News > 2021 > October > Microsoft: Iran-linked hackers target US defense tech companies

Microsoft: Iran-linked hackers target US defense tech companies
2021-10-11 15:52

Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks.

The activity cluster was temporarily dubbed DEV-0343 by researchers at Microsoft Threat Intelligence Center and Microsoft Digital Security Unit, who have tracked it since late July.

"Targeting in this DEV-0343 activity has been observed across defense companies that support United States, European Union, and Israeli government partners producing military-grade radars, drone technology, satellite systems, and emergency response communication systems,' Microsoft says."

Microsoft has directly notified customers that have been targeted or compromised, providing them with the information they need to secure their accounts.

Since the attacks have started, less than 20 targets have been compromised, with Microsoft noting that Office 365 accounts with multifactor authentication toggled are resilient against DEV-0343's password spray attacks.

"They typically target dozens to hundreds of accounts within an organization, depending on the size, and enumerate each account from dozens to thousands of times," Microsoft says.


News URL

https://www.bleepingcomputer.com/news/security/microsoft-iran-linked-hackers-target-us-defense-tech-companies/