A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to China-affiliated threat actors, citing evidence of infrastructure linked to CDS Global Cloud and UCLOUD HK, which have operational ties to China. The attack utilizes command-and-control (C2) servers hosted by SharkTech, a U.S.-based provider previously identified for hosting malicious activity. “These findings from our STRIKE Threat Intelligence team … More
The post Massive botnet hits Microsoft 365 accounts appeared first on Help Net Security.
