Microsoft removes 18 Chinese hacker apps from Azure
Microsoft removes 18 Chinese
In a move to bolster cybersecurity and protect user data, Microsoft has taken decisive action against a group of Chinese hacker apps that were hosted on its Azure cloud platform. The tech giant recently identify and remove 18 malicious applications, which were found to be involved in cyber espionage and other illicit activities. This proactive measure by Microsoft highlights the increasing importance of safeguarding digital ecosystems from potential threats.
The Gadolinium group abused Azure AD applications to attack Microsoft Azure users.
Microsoft has removed from its Azure portal 18 Azure Active Directory applications that were developed. And used by the Chinese cybercriminal group Gadolinium (also known as APT40 or Leviathan). The programs were removed in April this year.
Azure apps were used as part of a malware campaign in 2020 that Microsoft described as “particularly difficult” to detect due to the multi-stage infection process and the widespread use of PowerShell payloads.
The attacks began with targeted phishing, in which criminals sent malicious emails to organizations, usually containing COVID-19-themed PowerPoint files. As soon as the victim opened the document, malicious programs were installed on their system.
According to Microsoft, the hackers used malware on infected computers to install one of 18 Azure AD applications. The role of these applications was to automatically configure the victim’s endpoint “with the permissions required to steal and send data to the attackers’ Microsoft OneDrive.
In addition to removing malicious apps, Microsoft has also been working on removing the GitHub account that the same Gadolinium group used in their attacks in 2018. also, These actions will prevent criminals from reusing the same account for other potential attacks in the future.
Conclusion
In an era where cyber threats are a persistent concern, Microsoft’s decision to remove 18 Chinese hacker apps from Azure demonstrates its unwavering commitment to cybersecurity. By proactively addressing potential threats and strengthening the security of its platforms. Microsoft aims to provide a safer digital environment for its customers. This incident serves as a reminder of the importance of ongoing efforts to combat cyber-espionage and protect user data.
You can also buy instant:
Cashapp Money Transfer Click here
Paypal Money Transfer Click here
Western Union Money Transfer Click here
Venmo Money Transfer Click here
Bank Money Transfer Click here to Contact Us