According to a blog post from Microsoft Threat Intelligence released on Tuesday, Oct. 29, the hackers have sent "a series of highly targeted spear-phishing emails" to thousands of people in more than 100 organizations since Oct. 22.
The Federal Bureau of Investigation (FBI) said on Oct. 25 that it was investigating potential unauthorized access by Chinese state-connected hackers zeroing in on the commercial telecommunications sector.
As reported in the blog, the senders pretended to be Microsoft employees in some of the emails.
Spear phishing involves sending people tailored emails containing links to harmful websites, which can then be used to steal the recipients' information. It was not immediately clear how many of the attacks were successful.
According to Microsoft, the attacks were carried out by a Russian group named Midnight Blizzard, which the American and British governments have linked to the SVR, the Russian foreign intelligence service.
The tech giant previously blamed the group for an attack on its corporate systems back in January, during which Midnight Blizzard allegedly accessed a "small number" of Microsoft email accounts, including emails of senior executives and employees who work in cybersecurity and legal.
In April, American federal agencies were ordered to examine emails, reset compromised credentials and work to secure Microsoft accounts. The Cybersecurity and Infrastructure Security Agency said at the time that the incident represented a "grave and unacceptable risk" to agencies.
Earlier in October, Microsoft announced that it had uncovered a hacking group linked to Russian intelligence.
The group, called Star Blizzard by cyberespionage experts, targeted its victims with spear phishing. Star Blizzard tried to infiltrate the systems of several think tanks, as well as the files of journalists and former military and intelligence officials.
As reported by Microsoft, Star Blizzard's actions were consistent and advanced, and the group frequently did comprehensive research on its targets before initiating an attack. Star Blizzard also targeted civil society groups, U.S. corporations, American military contractors and the Department of Energy, which supervises numerous nuclear programs.
A U.S. court recently unsealed documents authorizing Microsoft and the Department of Justice to stop more than 100 website domain names linked with Star Blizzard. This came after a lawsuit was filed against the network by Microsoft and the NGO-Information Sharing and Analysis Center, a nonprofit tech organization that examined Star Blizzard.
"The Russian government ran this scheme to steal Americans' sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials," Deputy Attorney General Lisa Monaco said in announcing actions against Star Blizzard.
"With the continued support of our private sector partners, we will be relentless in exposing Russian actors and cybercriminals and depriving them of the tools of their illicit trade."