Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

A

Admin User

Administrator of InfoSecCenter. Passionate about cybersecurity, information security, and technology.

Save

A sophisticated and large-scale password spray attack targeting Microsoft's Azure command-line interface has raised alarms in the cybersecurity community, with researchers identifying at least 78 compromised accounts amid more than 81 million unauthorized access attempts. According to threat intelligence from Huntress, this organized campaign has been actively targeting Azure CLI endpoints between June 12 and June 26, originating from an IPv6 address range (2a0a:d683::/32) controlled by infrastructure provider LSHIY LLC, operating under AS32167. The sustained nature of this attack suggests a determined effort to breach cloud environments through credential exploitation.

Password spray attacks represent a particularly insidious threat vector because they avoid triggering common security mechanisms that block multiple failed login attempts from a single source. Instead, threat actors distribute their attempts across numerous accounts using a limited set of commonly used passwords. This technique allows them to remain undetected while maximizing their chances of finding valid credentials. In this case, the attackers specifically focused on the Azure CLI, a powerful tool used

Share

Shares: 0
LinkedIn WhatsApp Pinterest Print

You might also like

Comments (0)

Leave a Comment

No comments yet. Be the first to comment!