From ComputerWorld: Microsoft users have been hit by a massive, automated password spray attack.
Among those targeted by the attack were clients of security company Huntress. It reported that the attackers made 81 million attempts to log into its customers’ accounts between June 12 and 26 — and succeeded in at least 78 cases.
And that’s just the attacks on Microsoft account holders who also happen to be Huntress customers: The number of compromised accounts could be much higher, as it’s in the nature of a password spray attack to attempt to connect indiscriminately.
The attacks all came from a single source, an IPv6 address range controlled by internet provider LSHIY LLC, Huntress said in a blog post. LSHIY has since terminated access for the customer using the IP addresses involved in the attack.
View: Full Article