Microsoft Vice President Tom Burt said the attacks took place between August and September and lasted a whole month.
According to Microsoft, the attacks are linked to a group called the company labels phosphorous. This group is also known as APT35, Charming Kitten and Ajax Security Team. In the past, it has been found that these hackers have links with the Iranian government.
Burt argued that the attacks had several stages. Initially, hackers made more than 2.700 scans to track email accounts belonging to specific Microsoft clients.
After getting a list of desired goals, they tried to get into 241 accounts, which were linked to a campaign of USA and belonged to former and current government officials, as well as to journalists dealing with political issues and prominent Iranians living outside Iran.
The hackers eventually managed to breach four accounts that were not related to the US presidential election or to government officials.
According to the company, the hackers gained access to the accounts through the victims' inbox. The victims also used a second email for the Microsoft account in which they obtained it access the hackers.
The hackers then reset the password and used the reset link they received in the sub inbox to access the Microsoft main account.
Microsoft recommends that users who participate in political campaigns, think tanks, or NGOs sign up to Microsoft AccountGuard. This is a special one service of the company, which is part of the program Defending Democracy.
Accounts owned by AccountGuard have some additional features security, and receive alerts of possible threats. Already over 26.000 accounts from 26 countries have registered with AccountGuard.
"To date, we have sent more than 800 alerts on government attempts hacking attack on AccountGuard customers, "said Burt.
This is not the first time the Phosphorus team has deployed Microsoft. In March, the company took control of 99 web domains, which the team used for spear-Phishing campaigns.
How useful was this post?
Average rating / 5. Vote count: