Azure Serial Console Exploited by Hackers for VM Access and SIM Swapping Attacks

TL;DR Summary
A financially motivated cybergang known as UNC3944 is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines. They abuse the Azure Serial Console to install remote management software for persistence and use Azure Extensions for stealthy surveillance. UNC3944 aims to steal data from victim organizations using Microsoft's cloud computing service. The attack demonstrates the group's deep understanding of the Azure environment and how they can leverage built-in tools to evade detection.
Original article: BleepingComputer