Apparently, hackers behind Microsoft Outlook breach stole users' bitcoins
A few weeks back, we reported on the breach of Microsoft's primary consumer email service, Outlook. Initially, Microsoft said the hack compromised users' email addresses, contacts, folder names, and subject lines, but it later said some users' email content was also accessed. Now, it seems, access to some of these users' email was also used to steal their Bitcoins. Here's what happened.
1 Bitcoin stolen using hacked Outlook account
Just recently, Jevon Ritmeester, a user whose Outlook account was compromised, told Motherboard that the hackers used the access to steal 1 Bitcoin, which is over Rs. 3.70 lakh, from his wallet. He claimed that the hackers had set up his account in such a way that any email mentioning the term 'Kraken' (a crypto exchange) was forwarded to a Gmail account controlled by them.
Hackers used the email for stealing money
After all emails related to 'Kraken', including those for password resets and withdrawal requests, were forwarded to the hackers, they were able to get hold of Ritmeester's account and steal 1 Bitcoin from him. He added that two-factor authentication on his Kraken account could have prevented the attack, which he figured out only after checking the trash folder of his email.
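The forwarding setup described above can be looked for by auditing a mailbox's inbox rules. The following is an added example, not code from the original report or from Microsoft: it assumes rules have been exported into a simplified, hypothetical record format, and the sample rules, addresses and watch terms are constructed for illustration.

```python
# Assumption: terms drawn from the report (exchange name, resets, withdrawals).
WATCH_TERMS = {"kraken", "password reset", "withdrawal"}

# Constructed sample rules in a hypothetical export format (not a real API shape).
SAMPLE_RULES = [
    {"mailbox": "user@outlook.example", "name": "Newsletters",
     "keywords": ["unsubscribe"], "forward_to": [], "delete": False},
    {"mailbox": "user@outlook.example", "name": "k",
     "keywords": ["Kraken"], "forward_to": ["collector@gmail.example"], "delete": True},
    {"mailbox": "user@outlook.example", "name": "Forward all",
     "keywords": [], "forward_to": ["backup@mail.example"], "delete": False},
    {"mailbox": "user@outlook.example", "name": "Self copy",
     "keywords": ["withdrawal"], "forward_to": ["user@outlook.example"], "delete": False},
]

def domain(addr):
    """Return the lower-cased domain part of an email address."""
    return addr.rsplit("@", 1)[-1].lower()

def audit_rule(rule):
    """Return a finding for a rule that forwards mail outside the owner's domain."""
    own = domain(rule["mailbox"])
    external = [a for a in rule.get("forward_to", []) if domain(a) != own]
    if not external:
        return None  # no forwarding, or forwarding only within the same domain
    score, reasons = 1, ["forwards to external: " + ", ".join(external)]
    keywords = [k.lower() for k in rule.get("keywords", [])]
    hits = sorted(t for t in WATCH_TERMS if any(t in k for k in keywords))
    if hits:
        score += 1
        reasons.append("matches sensitive terms: " + ", ".join(hits))
    # Assumption: a rule that also deletes the message hides it from the owner.
    if rule.get("delete"):
        score += 1
        reasons.append("deletes the original after forwarding")
    return {"rule": rule["name"],
            "severity": ("low", "medium", "high")[score - 1],
            "reasons": reasons}

def audit(rules):
    """Audit every rule and return only the findings."""
    return [f for f in map(audit_rule, rules) if f]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print(finding["severity"].upper(), finding["rule"], "|", "; ".join(finding["reasons"]))
```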
And, this was not the only case of crypto theft
As Motherboard noted, this wasn't the only case of cryptocurrency being stolen due to the Outlook breach. Earlier this month, a compromised user took to Reddit to report that their "account was hacked as a direct result of this," resulting in a loss of 25,000 in crypto (currency unknown). A third user reported the same theft but without revealing the amount of money stolen.
What Microsoft had to say about this
In the wake of these complaints, a spokesperson from Microsoft told Motherboard that the victims should get in touch with the company. "Customers who believe they have been impacted beyond what was outlined in the company's notification should contact the Microsoft support team for assistance," the representative said, without providing any information on how many users might have lost their money this way.
How the Outlook attack was carried out
To recall, Microsoft informed users of the breach through an email on April 14, where it claimed that the issue stemmed from the compromised credentials of one of its support agents. The company said the hackers were able to access select accounts between January 1 and March 28, 2019, but did not provide any information on the total number of users impacted by the issue.
Notably, the same email hack was used for iCloud unlocks
Some reports have even highlighted that the Outlook access of some accounts was used by the hackers to reset iCloud accounts of stolen iPhones. This would have allowed them to remove a security lock from the stolen devices and sell them off on the black market. However, in this case, too, there's no word on the number of affected users.