The goal is to steal the SharePoint Online credentials via a fake platform landing page. Victims have three attempts to digit the password, all of which will be wrong.
Microsoft cybersecurity experts: The botnet exploits unpatched vulnerabilities in the Spring Framework and WordPress plugins to infect systems with mining malware.
Microsoft cybersecurity experts: It looks like ransomware but is designed to render targeted devices inoperable. It has been detected on dozens of systems and the numbers could grow.
Microsoft cybersecurity experts: The aim is to steal credentials belonging to downstream customer networks. India, Israel, UAE are the most hit targets.