Russian Hacker Group Midnight Blizzard Launches Phishing Campaign On US Government and Key Sectors

The Russian hacker group Midnight Blizzard has sent a series of phishing emails to individuals in the US government, academia, defense, NGOs, and other sectors to gather intelligence, Microsoft reported on October 29.

Since October 22, Microsoft representatives have been observing an increase in phishing emails sent by the hacker group Midnight Blizzard, which is linked to Russia, targeting government and defense structures, as well as academic and non-governmental organizations.

"Based on our investigation of previous Midnight Blizzard spear-phishing campaigns, we assess that the goal of this operation is likely intelligence collection," Microsoft states.

Microsoft specialists report that the emails were sent to thousands of recipients across more than 100 organizations. In some cases, the attackers impersonated Microsoft employees and referred to other cloud service providers.

According to the company, Midnight Blizzard had not previously been known to use this type of attack. However, similar activity was detected in attacks on units of Ukraine's State Cyber Protection Center (CERT-UA) and Amazon computers. Microsoft, along with the US and UK governments, links these hackers to Russian intelligence services.

Earlier, The United States, the United Kingdom, and Australia have imposed new sanctions on members of the Russian cybercriminal group Evil Corp, known for its attacks using the Dridex malware, which has caused significant damage in over 40 countries.