Latest Threat Research: LetMeowIn – Analysis of a Credential Dumper

Get Informed

Search

Microsoft Support Agent Credentials Compromised by Attacker

An account used by a Microsoft support agent was compromised, which gave an unauthorized party access to account information such as email addresses, folder names, subject lines, and emails of users that had a conversation with the party from January 1st to March 28th, 2019. Microsoft verified that it was a very small number of web-based email service users that were affected, and they have since been notified. They also verified that no content nor attachments were accessed when the other email information was viewed. Microsoft also disabled the support agent’s credentials and claims to have enhanced its detection and monitoring services. Microsoft sent out an email notification to its affected users that read, “As a result, you may receive phishing emails or other spam emails. You should be careful when receiving any e-mails from any misleading domain name, any e-mail that requests personal information or payment, or any unsolicited request from an untrusted source.”

Analyst Notes

Out of caution, all affected users should change their passwords. Since phishing attempts and spam emails are likely to increase, users should be on the lookout and make sure not to open any suspicious emails. But if they do, no links or attachments should be followed.