Russian Hackers Reel in Phish: Microsoft 365 Under Siege!

Russian nation-state actors are now using device code authentication phishing to access Microsoft 365 accounts. This technique is more effective than your average spear-phishing campaign, making it the PhD of phishing tactics. CozyLarch and other notorious groups impersonate government officials to socially engineer victims into sharing their device codes. Sneaky, isn’t it?


Hot Take:

Who needs a Hollywood spy thriller when you have Russian hackers and their latest phishing plot to steal Microsoft’s crown jewels? Move over James Bond, it looks like CozyLarch has a thing for spreadsheets and PowerPoints!

Key Points:

  • Russian nation-state actors are using device code authentication phishing to target Microsoft 365 accounts.
  • The attackers impersonate figures from government and research institutions to socially engineer victims.
  • The phishing campaign leverages a technique that is more effective than typical spear-phishing attacks.
  • Volexity identified CozyLarch, linked to Midnight Blizzard, as one of the threat actors.
  • Device code phishing allows attackers to gain long-term access to sensitive M365 accounts.

The Nimble Nerd