The company says cyber attackers are using a sophisticated ploy to lure Microsoft Teams users under the guise of a tech security chat request.
August 3, 2023 By Shane Snider
Microsoft on Wednesday said Russian government-backed cyber attackers known as Midnight Blizzard (also known as NOBELIUM or APT29) are targeting users of the Teams application through authentic-looking chat requests appearing as technical support staff.
The messages are an attempt to steal credentials from a targeted organization by engaging a user and eliciting approval of multifactor authentication (MFA) prompts, Microsoft Threat Intelligence warned in a blog post. Hackers used compromised Microsoft 365 accounts owned by small businesses to make new domains that appear to be technical support entities.
“This latest attack, combined with past activity, further demonstrates Midnight Blizzard’s ongoing execution of their objectives using both new and common techniques,” according to the blog post.
