Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Windows Central
Windows Central
Kevin Okemwa

Microsoft Teams users are under attack. Here's how to protect yourself against Midnight Blizzard.


What you need to know

  • Microsoft has identified a new attack affecting Teams users.
  • A Russian hacker group known as Midnight Blizzard is behind the exploit.
  • The attack has impacted less than 40 unique organizations.
  • The hackers are leveraging previously compromised Microsoft 365 tenants belonging to small business owners to create new domains that purport to be technical support entities.
  • Microsoft has mitigated the attack and is currently investigating its impact. 

Microsoft recently identified a new exploit by a Russian hacker group called Midnight Blizzard affecting Teams users. According to Microsoft Threat Intelligence, the hackers are leveraging previously compromised Microsoft 365 tenants belonging to small business owners to create new domains purporting to be technical support entities, as reported by Neowin.

The company further indicated that the attackers have been using these domains to send Teams messages to unsuspecting users to gain access to crucial and private information. Midnight Blizzard's ploy bypasses multifactor authentication (MFA) by getting the Teams users to approve the prompts from their end. 

(Image credit: Microsoft)

As a workaround, Microsoft recommends reinforcing elaborate security measures that will flag any authentication requests not initiated by the user as a threat. The company's findings indicate that the exploit has impacted fewer than 40 unique global organizations. And according to Microsoft:

The organizations targeted in this activity likely indicate specific espionage objectives by Midnight Blizzard directed at government, non-government organizations (NGOs), IT services, technology, discrete manufacturing, and media sectors.

Microsoft has disclosed that the hacker group's exploits have been mitigated and that investigation is ongoing to determine the attack's impact and a permanent remedy. The company has already reached out to targeted or compromised customers and furnished them with all the necessary information to prevent the recurrence of this issue.

Brace up with multi-factor authentication (MFA)

The social engineering attack by Midnight Blizzard is a ploy that multiple organizations have fallen victim to. Attackers are transitioning from old plays, like sending malicious links to unsuspecting users, to more sophisticated techniques. 

As you might already know, multi-factor authentication (MFA) is an important feature that beefs up the security of your online accounts and prevents unauthorized users from accessing your personal information. As such, it's extremely important to ensure that you've set up two-factor authentication (2FA) on your accounts. Microsoft has also provided a comprehensive list of recommendations designed to reduce the risk of this threat.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.