Security News > 2025 > February > Massive botnet hits Microsoft 365 accounts
A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to China-affiliated threat actors, citing evidence of infrastructure linked to CDS Global Cloud and UCLOUD HK, which have operational ties to China. The attack utilizes command-and-control (C2) servers hosted by SharkTech, a U.S.-based provider previously identified for hosting malicious activity. “These findings from our STRIKE Threat Intelligence team … More → The post Massive botnet hits Microsoft 365 accounts appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/02/24/botnet-hits-microsoft-365-accounts/
Related news
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- Microsoft links recent Microsoft 365 outage to buggy update (source)
- New Microsoft 365 outage impacts Teams, causes call failures (source)
- Microsoft 365 apps will prompt users to back up files in OneDrive (source)
- Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)