Microsoft Hackers Stealing Bitcoin From Compromised Accounts
The tainted code had allowed hackers into FireEye's network, and there were bound to be others who were compromised, too. "We were hearing that different reporters had the scoop already," Mandia said. "My phone actually rang from a reporter and that person knew and I went, OK, we're in a race."
Microsoft Hackers Stealing Bitcoin from Compromised Accounts
Twitter employees became victims of a chain of spear phishing attacks. Hackers gathered information on company employees working from home, contacted them, introduced themselves as Twitter IT administrators, and asked for user credentials. Using compromised employee accounts, the attackers then gained access to administrator tools. With these tools, they reset the accounts of famous Twitter users, changed their credentials, and tweeted scam messages.
Multi-factor authentication (MFA) continues to embody both the best and worst of business IT security practice. As Roger Grimes wrote in this article about two-factor hacks three years ago, when MFA is done well it can be effective, but when IT managers take shortcuts it can be a disaster. And while more businesses are using more MFA methods to protect user logins, it still is far from universal. Indeed, according to a survey conducted by Microsoft last year, 99.9% of compromised accounts did not use MFA at all and only 11% of enterprise accounts are protected by some MFA method.
In September 2014, JPMorgan Chase, one of the largest banks in the US, disclosed that cyberattacks compromised accounts of over 76 million households and 7 million small businesses. Although the attack was initially thought to have only affected 1 million accounts, investigations found that the attack was much worse, lasting about a entire month from June to July.
In one of the most high-profile security breaches in recent years, hackers sent out bogus tweets on July 15 from the accounts of Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.
The hackers targeted 130 accounts. They managed to tweet from 45 accounts, access the direct message inboxes of 36, and download the Twitter data from seven. Dutch anti-Islam lawmaker Geert Wilders has said his inbox was among those accessed.