Hacking group linked to Iranian gov’t tried to break into US Presidential candidate’s email, says Microsoft


Published on October 8, 2019


Reporting of nation-state attacks has been increasing over the past handful of years as both journalists and targeted entities are becoming more transparent about the data and personal information of citizens, customers and users that are put at risk.

Either directly or by proxy, tech companies have increasingly been working with local and state governments to combat meddling and to protect their users from the growing wave of nation-state attacks, some of which are aimed at disrupting the democratic processes within countries.

Most notably, Microsoft has developed and cultivated its AccountGuard service to help “monitor accounts of campaigns and other associated organizations related to election processes in democracies around the world, publishing this information should help others be more vigilant and take steps to protect themselves.”

In doing so, Microsoft was able to monitor 2,700 attempts by a threat group it dubbed Phosphorus, which Microsoft says is linked to the Iranian government, to identify consumer email accounts that were linked to specific Microsoft customers. In this nation-state attack, Phosphorus targeted 241 accounts associated with “U.S. presidential campaign, current, and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran.”

Phosphorus used information gathered from researching their targets or other means to game password reset or account recovery features and attempt to take over some targeted accounts. For example, they would seek access to a secondary email account linked to a user’s Microsoft account, then attempt to gain access to a user’s Microsoft account through verification sent to the secondary account. In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets.
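The recovery-chain weakness described above can be audited from the defender's side. This added example (not from Microsoft or the original article) walks a constructed account inventory and reports every account whose password reset ultimately depends on a mailbox without MFA or outside the inventory; the field names and the rule that a reset code sent to a recovery mailbox is enough to retake an account are assumptions.

```python
from collections import deque

# Constructed inventory, not real accounts. "recovery" lists mailboxes that can
# receive a reset code. Assumption: such a code is enough to retake the account.
INVENTORY = {
    "candidate@campaign.example": {"mfa": True, "recovery": ["aide@campaign.example"], "sms_reset": False},
    "aide@campaign.example": {"mfa": True, "recovery": ["aide.personal@mail.example"], "sms_reset": False},
    "aide.personal@mail.example": {"mfa": False, "recovery": [], "sms_reset": True},
    "press@campaign.example": {"mfa": True, "recovery": ["ops@campaign.example"], "sms_reset": False},
    "ops@campaign.example": {"mfa": True, "recovery": ["press@campaign.example"], "sms_reset": False},
    "intern@campaign.example": {"mfa": True, "recovery": ["old-box@unmanaged.example"], "sms_reset": False},
}

def is_weak(address, inventory):
    """A mailbox is a weak link if it is outside the inventory or lacks MFA."""
    acct = inventory.get(address)
    return acct is None or not acct["mfa"]

def weakest_recovery_path(start, inventory):
    """Breadth-first walk of recovery links; shortest chain to a weak mailbox, or None."""
    queue, seen = deque([[start]]), {start}  # `seen` stops recovery loops
    while queue:
        path = queue.popleft()
        for nxt in inventory.get(path[-1], {}).get("recovery", []):
            if nxt in seen:
                continue
            if is_weak(nxt, inventory):
                return path + [nxt]
            seen.add(nxt)
            queue.append(path + [nxt])
    return None

def audit(inventory):
    """Map each exposed account to its findings: recovery chain and/or SMS reset."""
    report = {}
    for address, acct in inventory.items():
        findings = {}
        path = weakest_recovery_path(address, inventory)
        if path:
            findings["recovery_chain"] = path
        if acct["sms_reset"]:
            findings["sms_reset"] = True
        if findings:
            report[address] = findings
    return report

if __name__ == "__main__":
    for address, findings in audit(INVENTORY).items():
        print(address, findings)
```

Accounts that only recover through each other (the `press`/`ops` pair) are not reported, while an account with MFA is still flagged when its chain ends at an unprotected or unmanaged mailbox.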

Unfortunately, four accounts were compromised. Microsoft is mum on the details of those breaches, but it has notified the customers directly and helped to re-secure the accounts.

In the wake of the attacks and breach, Microsoft is calling not only on governments to help combat these constant attacks but also on customers to be aware and take the necessary steps to help keep themselves safe from sophisticated and, in this instance, unsophisticated but persistent attacks.

Kareem Anderson

Networking & Security Specialist

Kareem is a journalist from the Bay Area, now living in Florida. His passion for technology and content creation is unmatched, driving him to create well-researched articles and incredible YouTube videos.

He is always on the lookout for everything new about Microsoft, focusing on making easy-to-understand content and breaking down complex topics related to networking, Azure, cloud computing, and security.
