Security News > 2022 > August > Microsoft Warns About Phishing Attacks by Russia-linked Hackers

Microsoft on Monday revealed it took steps to disrupt phishing operations undertaken by a "Highly persistent threat actor" whose objectives align closely with Russian state interests.
"SEABORGIUM intrusions have also been linked to hack-and-leak campaigns, where stolen and leaked data is used to shape narratives in targeted countries," Microsoft's threat hunting teams said.
"Its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft."
Attacks launched by the adversarial collective are known to target the same organizations using consistent methodologies applied over long periods of time, enabling it to infiltrate the victims' social networks through a combination of impersonation, rapport building, and phishing.
"SEABORGIUM also abuses OneDrive to host PDF files that contain a link to the malicious URL," Microsoft said.
The last phase of attacks entails abusing the stolen credentials to access the victim's email accounts, taking advantage of the unauthorized logins to exfiltrate emails and attachments, set up email forwarding rules to ensure sustained data collection and other follow-on activities.
News URL
https://thehackernews.com/2022/08/microsoft-warns-about-phishing-attacks.html
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)