Chinese hackers forged authentication tokens to breach government emails

Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) consumer signing key, the company has revealed on Tuesday. “The threat actor Microsoft links to this incident is an adversary based in China that Microsoft calls Storm-0558. We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection.” This specific hacking group primarily targets government … More

The post Chinese hackers forged authentication tokens to breach government emails appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article: