THREAT OPS › Threat News › Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
<p><!-- START MG ACF TO CONTENT --></p> <div style="display: none;"> <section class="mgpb-hero mgpb-hero--detail mgpb-hero--light-blue mgpb-hero--background-image mgpb-hero--image"> <div class="mgpb-hero__image mgpb-hero__image--background"> <img alt="" class="attachment-16-9-large size-16-9-large" height="1080" src="https://www.volexity.com/wp-content/uploads/2025/02/Volexity-Blog-Multiple-Rus
Attributed threat actors
- APT29G0016
MITRE ATT&CK techniques
Indicators of compromise
- https://element.io/url
- https://login.microsoftonline.com/common/oauth2/deviceauthurl
- sheilmagnett@gmail.comemail
- brensonkarl@gmail.comemail
- kaylassammers@gmail.comemail
- kendisggibson@gmail.comemail
- leslytthomson@gmail.comemail
- mikedanvil@gmail.comemail
- susannmarton@gmail.comemail
- 107.189.27.41ipv4
- 144.172.113.77ipv4
- 167.88.162.72ipv4
- 107.189.26.199ipv4
- sen-comms.comdomain
- afpi-sec.comdomain
- chromeelevationservice.comdomain
- comms-net.comdomain
- rosejob.comdomain