Chinese hackers are snooping on Microsoft's servers in search of US secrets, which worries the company

Attacks on major American companies are on the rise. In a blog post, Microsoft has denounced a group of Chinese hackers who are directly attacking its IT supply chain. Such attacks have been denounced in the past, and the situation has become a real cyberwar.

Microsoft's Threat Intelligence team, which specializes in this type of work, identified the Silk Typhoon group as responsible for the attacks, which exploit security vulnerabilities in its systems. The attacks are not limited to Microsoft: they have also been observed in the services of other companies in the United States and other countries, such as those related to healthcare or the country's defense.

Its reach is such that Silk Typhoon was identified in an attack on the US Treasury Department in late 2024 because it “has one of the largest targeting footprints” among cyber espionage actors.

The current goal of this group of hackers is to misuse stolen API keys and credentials associated with privileged access management. They are now trying to exfiltrate all the information in these companies' clouds where the specific key is located to achieve their goal.

Among the cases Microsoft is sharing in its investigations is the exploitation of leaked passwords from GitHub repositories that were used to log into corporate accounts. This indicates that the hacker group is currently putting a lot of effort into investigating and gathering information from its victims in order to achieve its ultimate goal.

As we said, this group was one of the biggest exploiters of vulnerabilities in Exchange servers. To bypass protection methods, it used a variety of “web layers” that gave it access to the victims' environment.

As we said at the beginning, this is something that can already be considered a cyberwar between countries. Something similar is on the table now with the trade war that Trump started with his tariff policies between different countries, with China being one of the countries most affected by the tariffs.

Russia is also one of the countries that plays a leading role in this type of cyber warfare, with groups like Forest Blizzard, which Microsoft has already warned about in the past. Over time.

We are facing a serious problem, as we have already seen. Obviously, a small company server is of no importance to these hackers. But when it comes to servers that host government, military, or even research data, these groups target them in order to win this cyberwar.

