Windows 365: Hacker has already managed to steal passwords and usernames

Windows 365 has already been hacked. A few weeks after the launch of the PC cloud solution, a hacker was able to obtain the passwords and usernames of some customers. Cybersecurity researcher, the hacker detailed how he managed to circumvent the security measures implemented by Microsoft.

Credit: Microsoft

In mid-July, Microsoft finally lifted the veil on Windows 365. This online service for the PC provides access to a copy of Windows 11 on any device, whether it’s a computer, tablet or smartphone. Aimed at companies, the service is offered from 18.20 euros / month.

Just weeks after the release of Windows 365, computer security researcher Benjamin Delphy succeeded. bypass Microsoft’s security measures to steal passwords and usernames. Vulnerability expert, the expert detailed the process to alert Microsoft about your Twitter account.

Hacker explains how he broke into Windows 365

As he explained to our colleagues at Bleeping Computer, he was able to extract the usernames (email address) and passwords of the users in a plain text file via Windows 365. With a little experience, he was able to collect data for all connected users simultaneously. To achieve this exploit, the hacker used Mimikatz, an open-source tool that allows cybersecurity researchers to quickly test vulnerabilities.

Benjamin Delphy explains that he went through a free Windows 365 subscription to test the vulnerability. Until recently, Microsoft actually offered a free trial offer. Unfortunately, the software publisher was forced to abandon this free offer in the face of strong demand.

Thanks to this information, the hacker explains that he is able to sign into another Microsoft service account as well as within a company’s internal network. “It’s like clearing passwords from a normal session. If I can clear your password on Windows 365 sessions, I can use it on other systems where you might have more privileges, data, etc. ”, details Benjamin Delphy. For now, Microsoft has not reacted to the expert’s discovery.

Source: biping computer




Recent Articles

Related News

Leave A Reply

Please enter your comment!
Please enter your name here