Dozens of global organizations have been targeted by a Russian government-linked hacking group pretending to be from technical support and engaging users in Microsoft Teams chats in order to steal login credentials, Microsoft researchers said.
According to Microsoft’s blog piece, since late May, fewer than 40 unique global organizations have been affected by these highly targeted social engineering the company is still investigating.
Russia-based Midnight Blizzard or APT29, which the UK and U.S. governments have linked to Russia’s foreign intelligence service, is the hacking group behind this activity.
Without naming any of the targets, Microsoft researchers noted that the targeted organizations likely indicate Midnight Blizzard’s specific espionage objectives directed at the government, NGOs, IT services, and media sectors.
The Russian embassy in Washington didn’t comment on the events.