Microsoft Alerts on Void Blizzard Hackers Targeting Telecommunications and IT Sectors

Microsoft Threat Intelligence Center (MSTIC) has issued a critical warning about a cluster of global cloud abuse activities orchestrated by a threat actor tracked as Void Blizzard, also known as LAUNDRY BEAR.

Assessed with high confidence to be Russia-affiliated, Void Blizzard has been active since at least April 2024, focusing its cyberespionage operations on NATO member states and Ukraine.

The group’s primary targets include critical sectors such as telecommunications, information technology, defense, healthcare, government, media, NGOs, and transportation, with a clear intent to gather intelligence supporting Russian strategic objectives.

Threat Actor Intensifies Cyberespionage Efforts

The overlap in targeting with other Russian state-sponsored actors like Forest Blizzard and Midnight Blizzard highlights a coordinated effort in espionage and intelligence collection, posing a heightened risk to nations supporting Ukraine militarily or through humanitarian aid.

Void Blizzard’s operations, while not uniquely sophisticated among advanced persistent threat (APT) groups, demonstrate alarming success due ...