Russian Hackers Nobelium Breach Microsoft’s Corporate Accounts in 2023

Summary

Microsoft, a software giant, recently faced a breach by the Russian cybercriminal group known as Nobelium or Midnight Blizzard. This group infiltrated Microsoft’s systems using a “password spray attack” that started in November 2023. The hackers managed to gain access to a minuscule portion of Microsoft’s corporate email accounts, including those belonging to members of senior leadership. Microsoft’s threat research team actively investigates such cyber threats, and its investigation of this incident indicated the prime targets were email accounts holding information about Midnight Blizzard itself. Microsoft eventually contained the incident by cutting off the perpetrator’s access to its systems.

Midnight Blizzard Targets Microsoft

A cybercriminal collective from Russia, identified as Nobelium or Midnight Blizzard in cybersecurity circles, used a method termed a “password spray attack” starting in Nov. 2023 to compromise a Microsoft platform, the company said in a blog post. With this tactic, hackers breach a company’s systems by repeating a single password across several accounts.
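Seen from the defender's side, the pattern described above (one password repeated across several accounts) appears in sign-in logs as a source whose failures are spread thinly over many accounts rather than piled onto one. The sketch below is an added example, not code from Microsoft or from this article; the log format, thresholds and function names are assumptions, and the sample events are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events: (timestamp, source address, account, succeeded).
SAMPLE_EVENTS = [
    ("2024-05-01T02:00:00", "198.51.100.7", "alice", False),
    ("2024-05-01T02:02:00", "198.51.100.7", "bob", False),
    ("2024-05-01T02:04:00", "198.51.100.7", "carol", False),
    ("2024-05-01T02:06:00", "198.51.100.7", "dave", False),
    ("2024-05-01T02:08:00", "198.51.100.7", "erin", False),
    ("2024-05-01T02:10:00", "198.51.100.7", "frank", True),   # the guess that worked
    ("2024-05-01T03:00:00", "203.0.113.9", "alice", False),   # brute force on one account
    ("2024-05-01T03:00:10", "203.0.113.9", "alice", False),
    ("2024-05-01T03:00:20", "203.0.113.9", "alice", False),
    ("2024-05-01T09:00:00", "192.0.2.4", "bob", False),       # ordinary typo, then success
    ("2024-05-01T09:00:30", "192.0.2.4", "bob", True),
]


def detect_password_spray(events, window=timedelta(minutes=30),
                          min_accounts=5, max_per_account=2):
    """Map each suspicious source to the accounts it failed against."""
    failures = defaultdict(list)
    for ts, source, account, ok in events:
        if not ok:
            failures[source].append((datetime.fromisoformat(ts), account))
    flagged = {}
    for source, rows in failures.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1  # slide the window forward
            counts = Counter(acct for _, acct in rows[start:end + 1])
            # Spray shape: many distinct accounts, only a few guesses at each.
            if (len(counts) >= min_accounts
                    and max(counts.values()) <= max_per_account
                    and len(counts) > len(flagged.get(source, []))):
                flagged[source] = sorted(counts)
    return flagged


def accounts_to_review(events, flagged):
    """Accounts that had a successful sign-in from a flagged source."""
    return sorted({acct for _, src, acct, ok in events if ok and src in flagged})


if __name__ == "__main__":
    hits = detect_password_spray(SAMPLE_EVENTS)
    print(hits, accounts_to_review(SAMPLE_EVENTS, hits))
```

Grouping by source address is a simplification: when attempts arrive from many addresses, the same count of distinct failing accounts per time window has to be taken across all sources.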

Extent of the Breach

Nobelium managed to infiltrate “a marginal fraction” of Microsoft’s business email accounts, which included accounts owned by top-level executives and employees working in the fields of cybersecurity, legal and other operations, as stated by Microsoft.

Targeting Information on Midnight Blizzard

Microsoft’s threat study team is regularly involved in probing nation-state hackers like Midnight Blizzard. The tech giant’s inquiry into this recent data breach suggested that the initial targets of the hackers were email accounts containing intel on Midnight Blizzard.

Russia’s Foreign Ministry and the Russian Embassy in Washington did not immediately respond to requests for a statement.

Microsoft’s Response

Following an internal investigation, Microsoft managed to interrupt the hostile activity, effectively preventing further access to its systems by the threat actor.

The breach underscores the potential cyber threat that lurks within the global financial and trading markets, including the forex markets, raising concerns about the safety of investor data and transactions, which could further influence the dynamics of these markets.
