“The goal of DEV-0537 actors is to gain elevated access through stolen credentials that enable data theft and destructive attacks against a targeted organization, often resulting in extortion. The tactics and objectives indicate that it is a cybercriminal actor motivated by theft and destruction, “says the firm.
Microsoft maintains that the leaked code is not serious enough to cause an elevation of risk and that its response teams have shut down the hackers’ operation.
“No client code or data was involved in the observed activities. Our investigation has found that a single account was compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity.
However, it does point out that part of this cyberattack is to give the group of hackers notoriety, since in the investigation it has been noted that they do not seek to hide their tracks and seek to be identified as the cause.