For months, the Iran-backed APT has carried out waves of password spray attacks attempting to authenticate to thousands of environments across multiple targets worldwide.
September 15, 2023 By Nathan Eddy
A global cyber-espionage campaign conducted by the Iranian nation-state actor known as Peach Sandstorm (aka Holmium) has successfully plucked targets in the satellite, defense, and pharmaceutical sectors, Microsoft is warning.
The cyber offensive has been active since February, according to a blog post from Microsoft Threat Intelligence, which concluded that the campaign used masses of password spray attacks between February and July to authenticate to thousands of environments and exfiltrate data, all in support of Iranian state interests.
The password spray method of attack is a type of brute-force method used by hackers to gain unauthorized access to user accounts and systems. Password spraying involves attempting to access multiple accounts using common passwords, reducing the risk of account lockouts.
