Are Educational Cloud Accounts at Risk from Storm-1977?

Apr 28, 2025
News Brief

Storm-1977 has posed a significant threat to the education sector by targeting cloud tenants through password spraying attacks over the past year. The attacks use AzureChecker.exe, a command-line tool leveraged to compromise educational accounts. The perpetrators extract AES-encrypted data, which includes lists of targeted credentials, from external servers. These credentials, along with information from an “accounts.txt” file, are used to infiltrate cloud tenant accounts. Once an account is compromised, attackers create resource groups for deploying more than 200 containers intended for unauthorized cryptocurrency mining.
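Password spraying leaves a recognizable shape in sign-in logs: one source failing against many distinct accounts, with only a few attempts per account. The following detection sketch is an added example, not code from Microsoft or from the original brief; the record layout, thresholds, account names and IP addresses are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

def _t(hhmm):
    return datetime.fromisoformat(f"2025-01-01T{hhmm}:00")

# Constructed sign-in records: (time, source_ip, account, succeeded).
# IPs are documentation ranges; accounts and layout are assumptions.
SAMPLE_SIGNINS = (
    # One source tries each account once across many accounts.
    [(_t(f"09:{m:02d}"), "203.0.113.7", f"student{m}@example.edu", False)
     for m in range(8)]
    + [(_t("09:08"), "203.0.113.7", "staff1@example.edu", True)]
    # A user mistyping their own password repeatedly (not a spray).
    + [(_t(f"09:{m:02d}"), "198.51.100.4", "teacher@example.edu", False)
       for m in range(10, 16)]
    + [(_t("09:16"), "198.51.100.4", "teacher@example.edu", True)]
)

def detect_password_spray(events, window=timedelta(minutes=30),
                          min_accounts=5, max_per_account=2):
    """Return {ip: {"accounts": n, "succeeded": [...]}} for spray-like sources."""
    by_ip = defaultdict(list)
    for ev in sorted(events, key=lambda e: e[0]):
        by_ip[ev[1]].append(ev)
    findings = {}
    for ip, evs in by_ip.items():
        failures = [e for e in evs if not e[3]]
        start = 0
        for end in range(len(failures)):
            # Slide the window so it never spans more than `window`.
            while failures[end][0] - failures[start][0] > window:
                start += 1
            per_account = Counter(e[2] for e in failures[start:end + 1])
            widest = findings.get(ip, {"accounts": 0})["accounts"]
            if (len(per_account) >= min_accounts
                    and max(per_account.values()) <= max_per_account
                    and len(per_account) > widest):
                since = failures[start][0]
                # Successes from the same source after the spray began
                # are the accounts to reset and review first.
                hits = sorted({e[2] for e in evs if e[3] and e[0] >= since})
                findings[ip] = {"accounts": len(per_account), "succeeded": hits}
    return findings

if __name__ == "__main__":
    print(detect_password_spray(SAMPLE_SIGNINS))
```

The second source in the sample fails six times against a single account and is not flagged, which is the distinction between a spray and an ordinary lockout.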

Microsoft has identified vulnerabilities that could lead to similar attacks, affecting containerized assets like Kubernetes clusters and container registries. Vulnerabilities include compromised credentials, misconfigured management interfaces, flaws within container images, and exploitable software on nodes. Microsoft advises organizations to strengthen the security of container deployments by monitoring Kubernetes API requests, enforcing the use of trusted registries, and ensuring that deployed images are free of vulnerabilities.

This development underscores a growing threat to cloud security. Organizations are strongly encouraged to implement robust defense measures to protect their environments from these sophisticated attacks. As cyber threats continue to evolve, proactive strategies are crucial in safeguarding against emerging risks such as those exemplified by Storm-1977.
