Summary: Researchers have reported ongoing efforts by Russia-linked hackers to exploit Microsoft 365 environments, particularly targeting NGOs with ties to Ukraine through sophisticated social engineering techniques. The attackers use phishing tactics via messaging apps to trick victims into revealing OAuth codes, allowing unauthorized access to M365 accounts. Volexity urges organizations to enhance user training and vigilance against unsolicited contact, especially from secure messaging platforms.
Affected: Organizations using Microsoft 365, particularly NGOs related to Ukraine
Keypoints :
- Targeted social engineering operations are aimed at NGOs supporting human rights in Ukraine.
- Hackers trick victims by inviting them to phishing video calls and harvesting OAuth tokens.
- Organizations are encouraged to train users to be cautious with unsolicited communications, especially from messaging apps.
- The prevalence of Microsoft 365 makes it a consistent target for cyberattacks.
Source: https://therecord.media/russia-linked-phishing-microsoft365-ukraine-ngos