Hackers used credentials of a Microsoft Support worker to access users’ webmail
Tuesday, April 16, 2019
Motherboard’s source said that the attackers could access free, but not paid user accounts, and that the hackers were after accounts of iPhone owners whose devices were stolen and had to be de-coupled from iCloud accounts in order to be reset and sold on. They used these targets’ compromised email account to send and confirm password reset requests for iCloud accounts.
ImmuniWeb CEO Ilia Kolochenko advised all Outlook account owners to change their passwords and secret questions, as well as passwords for any other accounts that sent, or could have sent, a password recovery link to their Outlook email.
“Compromise of privileged accounts is a widespread and effective method among cybercriminals to get to the crown jewels at high speed and low cost. It is, however, quite surprising that such a reputable company as Microsoft reportedly has not reacted to the anomalies for as long as three months,” he added.
“Continuous monitoring of privileged accounts is quintessential to ensure data security and compliance. Moreover, nowadays, with emerging machine learning technologies it has become a pretty easy task is properly implemented.” Read Full Article