{"id":52868,"date":"2023-07-21T14:14:53","date_gmt":"2023-07-21T14:14:53","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34821\/Microsoft-Key-Stolen-By-Chinese-Hackers-Provided-Access-Far-Beyond-Outlook.html"},"modified":"2023-07-21T14:14:53","modified_gmt":"2023-07-21T14:14:53","slug":"microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/","title":{"rendered":"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook"},"content":{"rendered":"<p>The private encryption key used by Chinese hackers to break into the email accounts of high-level U.S. government officials disclosed last week also gave them access to a vast array of other Microsoft products, according to new research from cloud security firm Wiz.<\/p>\n<p>On July 11, the Redmond-based tech giant <a href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2023\/07\/11\/mitigation-china-based-threat-actor\/\" target=\"_blank\" rel=\"noreferrer noopener\">disclosed<\/a> that a threat actor linked to the Chinese government had \u2014 through an acquired Microsoft private encryption key \u2014 forged authentication tokens that <a href=\"https:\/\/www.scmagazine.com\/news\/cloud-security\/microsoft-blocks-attack-on-cloud-email-accounts-by-chinese-apt-group\" target=\"_blank\" rel=\"noreferrer noopener\">gave them access<\/a> to Exchange Online Outlook email accounts for more than 25 organizations, including government agencies.<\/p>\n<p>In a blog post published Friday, Shir Tamari, head of research at Wiz, <a rel=\"noreferrer noopener\" href=\"https:\/\/www.wiz.io\/blog\/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr\" target=\"_blank\">said<\/a> further investigation has revealed the compromised key would have given the hacking group, which Microsoft calls Storm-0558, access to far more than Outlook, spanning many other Microsoft services that uses the same authentication process.<\/p>\n<p>\u201cOur researchers concluded that the compromised MSA key could have allowed the threat actor to forge access tokens for multiple types of <a href=\"https:\/\/www.scmagazine.com\/brief\/cloud-security\/total-account-takeover-possible-with-microsoft-azure-ad-flaw\" target=\"_blank\" rel=\"noreferrer noopener\">Azure Active Directory<\/a> applications, including every application that supports personal account authentication, such as SharePoint, Teams, OneDrive, customers\u2019 applications that support the &#8216;login with Microsoft&#8217; functionality, and multi-tenant applications in certain conditions,\u201d Tamari wrote.<\/p>\n<p>Wiz said they worked closely with Microsoft in advance to ensure the technical accuracy of their findings.<\/p>\n<figure><img alt=\"A graphic outlining the many Microsoft applications an attacker could access with an identity provider signing key. (Source: Wiz)\" srcset=\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=750&amp;q=75 1x, https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75 2x\" src=\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75\" width=\"697\" height=\"418\" decoding=\"async\" data-nimg=\"1\" class=\"MediaItem_img__WJ8V4\" loading=\"lazy\"><figcaption><em>A graphic outlining the many Microsoft applications an attacker could access with an identity provider signing key. (Source: Wiz)<\/em><\/figcaption><\/figure>\n<p>Another issue flagged in the research: while Microsoft revoked the key and gave detection guidance to organizations, the lack of logging it provides around the token authentication process could make it \u201cdifficult\u201d for customers to detect if forged tokens were used against their applications.<\/p>\n<p>\u201cUnfortunately, there is a lack of standardized practices when it comes to application-specific logging. Therefore, in most cases, application owners do not have detailed logs containing the raw access token or its signing key,\u201d wrote Tamari. \u201cAs a result, identifying and investigating such events can prove exceedingly challenging for app owners.\u201d<\/p>\n<p>The type of key stolen by the hacking group is among the most powerful in modern IT and the flaws it exploits are not unique to Microsoft. It has been used for numerous Microsoft products, including <a href=\"https:\/\/www.scmagazine.com\/news\/cloud-security\/teamtnt-linked-to-stealing-credentials-for-azure-and-gcp-as-well-as-aws\" target=\"_blank\" rel=\"noreferrer noopener\">Azure personal accounts<\/a> and Azure multi-tenant applications, since April 2016 and the public certificate for it expired on April 4, 2021.<\/p>\n<p>Acquiring it would have allowed the actor to stealthily gain \u201cimmediate single hop access to everything, any email box, file service or cloud account\u201d without the need to impersonate a victim\u2019s server. According to Wiz, Microsoft replaced the key sometime between June 27 and July 5, 2023.<\/p>\n<p>The analysis indicates that the key\u2019s access for Azure Active Directory affected applications that worked with version 2.0 of Microsoft\u2019s OpenID and were set to support \u201cPersonal Microsoft accounts only\u201d as well as \u201cmixed audience\u201d and other personal Microsoft accounts on services like Skype and Xbox. Multi-tenant Azure AD applications that used \u201ccommon\u201d version 2.0 key endpoints were also affected. Single tenant applications were not.<\/p>\n<p>While Microsoft developed an extension to limit the ability of these types of keys to gain broad-based access, it placed responsibility for implementing that extension on the shoulders of its users.<\/p>\n<p>Microsoft revoked the affected key, but Wiz warned that a sophisticated APT could have used the access and time to build in backdoors or other forms of persistence into victim systems and accounts. Further, any applications that rely on local certificate stores or cached keys may still be using the corrupted key and would be vulnerable to continued exploitation.<\/p>\n<p>The end result is that the impact from the compromise may be far broader than what Microsoft has disclosed thus far. The pool of Microsoft and customer applications affected number in the millions, and the lack of logging around authentication means many organizations will be in the dark about whether they were compromised through the breach.<\/p>\n<p>&#8220;The full impact of this incident is much larger than is being widely reported and understood. We believe this event will have long lasting implications on our trust of the cloud and the core components that support it, above all, the identity layer which is the basic fabric of everything we do in cloud,\u201d Tamari wrote. \u201cWe must learn from it and improve.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34821\/Microsoft-Key-Stolen-By-Chinese-Hackers-Provided-Access-Far-Beyond-Outlook.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10602],"class_list":["post-52868","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-blogs","tag-headlinehackergovernmentprivacymicrosoftemailchinadata-losscyberwarcryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-21T14:14:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook\",\"datePublished\":\"2023-07-21T14:14:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/\"},\"wordCount\":710,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75\",\"keywords\":[\"headline,hacker,government,privacy,microsoft,email,china,data loss,cyberwar,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/\",\"name\":\"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75\",\"datePublished\":\"2023-07-21T14:14:53+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#primaryimage\",\"url\":\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75\",\"contentUrl\":\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,government,privacy,microsoft,email,china,data loss,cyberwar,cryptography\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackergovernmentprivacymicrosoftemailchinadata-losscyberwarcryptography\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-07-21T14:14:53+00:00","og_image":[{"url":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook","datePublished":"2023-07-21T14:14:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/"},"wordCount":710,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#primaryimage"},"thumbnailUrl":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75","keywords":["headline,hacker,government,privacy,microsoft,email,china,data loss,cyberwar,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/","name":"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#primaryimage"},"thumbnailUrl":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75","datePublished":"2023-07-21T14:14:53+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#primaryimage","url":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75","contentUrl":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F07%2FScreenshot-2023-07-21-at-9.34.49-AM.png&amp;w=1920&amp;q=75"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-key-stolen-by-chinese-hackers-provided-access-far-beyond-outlook\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,government,privacy,microsoft,email,china,data loss,cyberwar,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackergovernmentprivacymicrosoftemailchinadata-losscyberwarcryptography\/"},{"@type":"ListItem","position":3,"name":"Microsoft Key Stolen By Chinese Hackers Provided Access Far Beyond Outlook"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52868","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52868"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52868\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52868"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52868"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52868"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}