Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication


Starting in mid-January 2025, Volexity identified several social-engineering and spear-phishing campaigns by Russian threat actors aimed at compromising Microsoft 365 (M365) accounts. These attack campaigns were highly targeted and carried out in a variety of ways. The majority of these attacks originated via spear-phishing emails with different themes. In one case, the eventual breach began with highly tailored outreach via Signal. Through its investigations, Volexity discovered that Russian threat actors were impersonating a variety of individuals

KEY TAKEAWAYS

Volexity has observed multiple Russian threat actors conducting social-engineering and spear-phishing campaigns targeting organizations with the ultimate goal of compromising Microsoft 365 accounts via Device Code Authentication phishing. After reviewing various parts of the attack, Volexity assesses with medium confidence that the Russian threat actor CozyLarch (aka APT29 or Midnight Blizzard) was behind these US Department of State-themed spear-phishing campaigns. The threat actor reached out to numerous individuals with personalized emails requesting a Microsoft Teams meeting to discuss Donald Trump and his impact on relations between the US and the European Union.