Chinese Threat Actor Storm-0940 Uses Credentials From Password Spray Attacks From A Covert Network
We assess this adversary is focused on espionage, such as. Microsoft warns that chinese threat actors use the quad7 botnet, compromised of hacked soho routers, to steal credentials in password. It protects your end users against the use of more than 4 billion unique known compromised passwords, including data from both known leaks as well as our own honeypot system that collects passwords being used in real password spray attacks. The capabilities observed in this campaign are concerning as microsoft saw peach sandstorm use legitimate credentials (gleaned from password spray attacks) to. A major chinese botnet called quad7 is being utilized to mount password spray attacks against.