Microsoft has disrupted SEABORGIUM, a Russian cybercriminal group, to stop it from conducting further cyberattacks, which have aligned heavily with Russian state interests.
The Microsoft Threat Intelligence Center (MSTIC) has been tracking the group since 2017 and has noted that it persistently uses phishing attacks and credential theft campaigns in the hope of stealing crucial data from NATO-allied nations.
“Microsoft’s ability to detect and track SEABORGIUM’s abuse of Microsoft services, particularly OneDrive, has provided MSTIC sustained visibility into the actor’s activities and enabled us to notify impacted customers,” stated the Microsoft blog.
Microsoft has taken measures to shut down various accounts connected to the group and has also worked alongside Google's Threat Analysis Group (TAG), which has helped track this ring of cybercriminal actors.
Microsoft has documented that the cyber group has gone after over 30 different organizations since the start of this year, with various online accounts associated with the group.
According to Microsoft, the group's tactics include impersonating others on websites such as LinkedIn and in emails that reference files or documents which unsuspecting people believe to be authentic.
Once victims open the documents, they are infected with malicious software that aims to obtain as much data as possible about the person and their online accounts.
Microsoft has provided a series of tips to help people protect themselves against cybercriminals, including requiring a multifactor authentication tool, disabling email auto-forwarding, and avoiding clicking suspicious URL links.