17 Jun Microsoft found a massive Office 365 hijacking campaign
Second major BEC campaign uncovered in as many months
Researchers at Microsoft 365 has dismantled the cloud computing hack that was used to orchestrate a large-scale business email compromise (BEC) campaign.
In a joint blog post, Stefan Sellmer, from Microsoft 365 Defender Research Team, and Nick Carr, from Microsoft Threat Intelligence Center (MSTIC) share details about the malicious cloud infrastructure that was spread across multiple web services.
The cybersecurity researchers shared that the campaign compromised mailboxes using phishing and forwarding rules, with the intention of getting their hands on emails about financial transactions.
“This investigation also demonstrates how cross-domain threat data, enriched with expert insights from analysts, drives protection against real-world threats, both in terms of detecting attacks through products like Microsoft Defender for Office 365, as well as taking down operations and infrastructures,” write the researchers.