X
search

Microsoft is still investigating how hackers accessed its emails

Pictured: Hamid Ganji
By Hamid Ganji
July 18, 2023
Featured image for Microsoft is still investigating how hackers accessed its emails

After Chinese hackers could get access to Microsoft email accounts, the tech giant is still investigating the case to identify holes in its systems. Sources claim hackers had access to the company’s servers for almost a month before getting caught and pushed out.

Last week, Microsoft revealed that some bad actors from China could gain access to over two dozen of their email accounts. The impacted accounts reportedly belonged to some high-profile organizations, including government agencies.

Microsoft’s further investigations revealed that the hacking campaign, dubbed “Storm-0558”, started mid-May this year. And targeted the email accounts of 25 organizations. The company later explained hackers took access to the accounts through Outlook Web Access in Exchange Online (OWA) and Outlook.com by forging authentication tokens to access user email.

Chinese hackers penetrated Microsoft servers and gained access to the US government emails

Microsoft now says the method hackers used to gain server access is still “a matter of ongoing investigation.” According to the company’s explanations, an issue with the Microsoft account consumer signing key (MSA) allowed hackers to compromise the email accounts. The issue has been corrected.

Of course, Microsoft has yet to remain tight-lipped about the scope of damage and the data being stolen. The company added they had contacted the targeted customers to provide them with a proper response. “If you have not been contacted, our investigations indicate that you have not been impacted,” the company said.

Microsoft says nothing to be done by users, and they are taking care of the case to identify the roots. However, some compromised email accounts reportedly belonged to the US government, meaning some highly confidential government information might be taken by Chinese hackers.

Still, there is no clue to confirm Storm-0558’s relationship with the Chinese government. By the way, prior experiences show that most Chinese hacking groups work under government supervision. In recent months, the tensions between the United States and China have reached their peak. Such espionage actions by the Chinese government could add fuel to the fire of tensions between countries.

  翻译: