Hackers Launch 81 Million Login Attempts on Microsoft 365
An aggressive password-spraying campaign targeting Microsoft 365 environments generated more than 81 million login attempts over a two-week period. This surge in malicious activity highlights a significant threat to cloud-based productivity suites. The attackers employed automated tools to systematically try common and previously compromised passwords against a large number of user accounts.
The campaign, which concluded this week, focused on exploiting weak or reused credentials. Password spraying involves attackers trying a small number of common passwords against a large number of usernames, rather than trying many passwords against a single username. This method is designed to evade account lockout policies that might trigger after too many failed attempts on one account. Microsoft 365, being a widely adopted platform for businesses and organizations, presents a lucrative target for cybercriminals seeking access to sensitive data and systems.
While the exact origin and motives behind this specific campaign remain under investigation, such attacks are often precursors to further malicious activities. These can include data theft, deploying ransomware, or using compromised accounts to launch phishing attacks against other users within an organization. The sheer volume of attempts suggests a coordinated effort by sophisticated threat actors. Security experts advise organizations using Microsoft 365 to enforce strong, unique password policies and enable multi-factor authentication (MFA) to mitigate the risk of account compromise.
This incident underscores the ongoing challenges in securing cloud infrastructure against evolving cyber threats. The continuous barrage of login attempts necessitates robust security measures and vigilant monitoring of access logs. Organizations are urged to review their security postures and implement best practices to protect their digital assets from such widespread attacks. The success of such campaigns can have severe consequences, including financial losses and reputational damage.
Original source — read the full reporting at the publisher:
Read on BleepingComputer