Microsoft - Chinese hacking of officials in the US Departments of State and Commerce

Microsoft announced on Wednesday the recently discovered Chinese cyberattack targeting senior officials in the U.S. Departments of State and Commerce. Regarding this incident, Microsoft revealed that the breach occurred through the compromise of one of the company's employee work accounts.

Reports indicate that a hacking group known as "Storm-0558" is responsible for the compromise of the mentioned engineer's account. This group managed to steal hundreds of thousands of email messages from top U.S. officials, including Commerce Secretary Gina Raimondo, U.S. Ambassador to China Nicholas Burns, and Assistant Secretary of State for East Asian Affairs Daniel Kritenbrink.

Regarding the incident, Microsoft published a post raising unanswered questions, prompting a renewed scrutiny of the company's security and calls for an investigation into its practices.

Microsoft explained in the post how the hackers succeeded in extracting the encryption key from the engineer's account and used it to access email accounts they were not supposed to have access to.

A representative from Microsoft noted that the engineer's account was compromised using malware designed to steal credentials, but did not provide further details about the incident or its timing.

It is worth mentioning that the Chinese government had previously denied allegations of stealing email messages from top U.S. officials, considering them baseless narratives.