Microsoft Says Russian State-Sponsored Hackers Accessed its Source Code

Microsoft has just shared an update on the attack from Midnight Blizzard, the Russian state-sponsored hacking group that has been targeting the company since November. Two months ago, the company said that it was investigating attacks on its corporate email systems, and the company confirmed today that these hackers have accessed its internal systems and some of its source code.

“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code,” the company explained on its Microsoft Security Response Center.

While Microsoft didn’t say what kind of source code the hackers obtained, the software giant said that it found “no evidence that Microsoft-hosted customer-facing systems have been compromised.” However, the attack from this Russian hacking group is still ongoing: The company observed that password spraying attacks, which involve a malicious actor trying to use the same password on multiple accounts, have increased 10x between January and February.

“It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found. Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures,” the company explained today.

While Microsoft is continuing to investigate what the state-sponsored hacker group is doing, the company says that it has already taken several measures to enhance its security systems. “Across Microsoft, we have increased our security investments, cross-enterprise coordination and mobilization, and have enhanced our ability to defend ourselves and secure and harden our environment against this advanced persistent threat,” the software giant said today.