Exchange email accounts hacked by a Chinese hacking group, Microsoft says

A recent report from Microsoft reveals that a Chinese hacking group, known as Storm-0558, has compromised the email accounts of more than two dozen organizations around the world, including government agencies in the US and Western Europe.

The report, published on June 16, 2023, states that Microsoft began investigating these incidents after receiving reports from customers about suspicious Office 365 mail activity.

According to the report, Storm-0558 is a cyber-espionage group that has been linked to several previous attacks on email systems of various sectors, such as healthcare, education, and defense. The group uses sophisticated techniques to evade detection and gain persistent access to the targeted accounts. The group’s main objective is to collect sensitive information that could be used for political or economic advantage.

The report says that the group has been active since at least May 15, 2023, when it first breached Outlook accounts belonging to approximately 25 organizations, some of which are reportedly the US State and Commerce Departments. The group also targeted some consumer accounts that were likely associated with these organizations.

Microsoft says that it has notified the affected customers and has taken steps to secure their accounts and prevent further attacks. Also, the US government informed Microsoft of an unauthorized intrusion into its cloud email services last month, according to a statement from National Security Council spokesperson Adam Hodge that CNN obtained.

“US government security measures detected a breach in Microsoft’s cloud security, affecting unclassified systems,” Hodge said to CNN.

“Officials promptly reached out to Microsoft to determine the origin and vulnerability of their cloud service. We maintain high security standards for the US government’s procurement providers.”

Microsoft also urges all Office 365 users to enable multi-factor authentication and review their mail forwarding rules to protect their accounts from unauthorized access.

Keep in touch with our blog to read the latest news and innovations in the cybersecurity world. 

Chinese hacking group

Photo by Dimitri Karastelev on Unsplash.

Facebook: Eagle Tech Corp

Instagram: @eagletech_corp

Twitter: @eagletechcorp

LinkedIn: Eagle Tech

YouTube: Eagle Tech Corp

Cybersecurity and IT Managed Services