- Recently an old Microsoft Stream domain was kidnapped
- Many SharePoint sites with integrated videos showed the malicious content
- Microsoft quickly addressed the problem, so users must now update
A retired Microsoft domain was kidnapped and used in a spam campaign, experts warned.
Microsoft used to have a business exchange business platform called Stream, where organizations could load, manage and share video content safely. In April 2024, he was retired and replaced by Microsoft Stream in SharePoint.
The key difference is that the videos were no longer stored separately on the transmission platform, but in OneDrive and SharePoint, so that they are more accessible through Microsoft 365 tools such as equipment, Yammer or PowerPoint.
“Appropriate action”
Today, almost a year after migration, the news came out that the inherited domain, Microsoftstream.com, was kidnapped and used to show a false Amazon site that announces a Thai casino.
The biggest problem with this attack is that all SharePoint sites with old integrated videos were showing spam in their facilities.
Bleepingcomputer They found several users complaining about Reddit acquisition:
“This afternoon, a user reported a suspicious website in our intranet, which is using Microsoftstream.com. After an analysis, it turns out that the domain is currently redirecting an incomplete website signed by ‘Ibiza99’,” said a user. “Here there is an interesting one for everyone. I just received a call that our SharePoint site was showing spam instead of embedded videos. Interesting, I thought. I wonder how that could happen,” added another.
No more information about the attack was shared, but Microsoft was soon notified about change and quickly moved to remedy the problem, stating: “We are aware of these reports and have taken the appropriate measures to even more access access to the affected domains.”
Apparently, the old domain could have been in more sinister campaigns, distributing malware through false software updates, for example. However, good news is that the attackers chose at least harmful: a spam campaign.
