A botnet has been discovered to have compromised over 130,000 devices. The botnet is launching coordinated password-spraying attacks against Microsoft 365 accounts. Security researchers are looking at possible connections to Chinese affiliated threat actors, as they have found evidence of infrastructure linked to China. While password spraying is a well-known technique, this campaign is a significant scale. Additionally, it exploits a critical security blind spot, as attackers are able to operate without triggering multi-factor authentication. Organizations which heavily use Microsoft 365 for email, document storage, and collaboration may be at risk, and many industries are implicated. 

Read more: https://www.helpnetsecurity.com/2025/02/24/botnet-hits-microsoft-365-accounts/