The Latest Cyber Attack On Top US Officials Begins With The Hacking Of Microsoft's Corporate Account

Microsoft Corp. company revealed that the latest cyberattack by the Chinese side against senior officials in the State Department and the United States Department of Commerce stemmed from the compromise of the corporate account of a Microsoft engineer. This was revealed in a blog post published by Microsoft on Wednesday.

Microsoft said the engineer's account had been hacked by a hacking group known as Storm-0558. The group is thought to have stolen hundreds of thousands of emails from leading US officials, including Trade Minister Gina Raimondo, US Ambassador to China Nicholas Burns, and State Assistant Secretary to East Asia Daniel Kritenbrink.

The blog post answers some unanswered questions about the incident, raising new questions related to Microsoft's security and encouraging calls to investigate the company's practices.

In particular, the post explains how hackers managed to retrieve cryptography keys from an engineer's account and use them to access email accounts they shouldn't have access to.

Microsoft said it had fixed weaknesses that allowed the key to be accessed from an unidentified engineer's account, thus providing hackers with extensive access to steal emails. A Microsoft representative said the engineer's account had been attacked with a "mallware token taker" but did not provide further details about the incident or its time.

The Chinese Embassy in Washington has not yet responded to the email sent. The Beijing government has previously explained that their allegations of stealing emails from leading US officials are baseless "narrative."