Posted on June 7, 2023 at 4:17 AM

Outlook.com Experiences Outages After DDoS Attack

Oulook.com has been facing a series of outages after experiencing downtime several times yesterday. The outages have been attributed to a hacking campaign by the Anonymous Sudan hacktivist group. The group has claimed to be responsible for a DDoS attack that happened on the platform.

Outlook.com experiences outages

The outage experienced on Outlook.com has created massive disruption for Outlook users globally. The outages prevented users globally from accessing and sending emails reliably. These outages have also prevented users from accessing the mobile Outlook app.

Users of Microsoft Outlook have taken their complaints on the matter on Twitter. These complaints revolve around the issues that users have been having accessing and using email services. Some users have also said that the outage has affected their productivity.

A statement that was released by Microsoft on the matter said that the outages were caused by a technical issue on the platform. The tech giant also posted on Twitter, revealing a series of updates that were being done on the platform. The tweet published by Microsoft also said that it had identified the effect of this impact and it had started some mitigation measures to guarantee that it does not happen again.

The tweet also said, “Telemetry indicates a reduction in impact relative to earlier iterations due to previously applied mitigations. Further details about the workstreams are in the admin center via MO572252.”

Hacktivist group claims responsibility for DDoS campaign on Microsoft Outlook

Microsoft has also claimed that technical issues were behind the outages, but a hacktivist group known as Anonymous Sudan has claimed responsibility for these outages. The hacker group claimed that it had performed distributed denial-of-service (DDoS) attacks on Microsoft to protest against the United States being involved in the internal affairs of Sudan.

Anonymous Sudan posted a message on Telegram revealing that it had targeted Microsoft. The group said that it could continue launching exploits against US companies and government infrastructure because of the US meddling in Sudan’s affairs.

“We can target any US company we want. Americans, do not blame us, blame your government for thinking about intervening in Sudanese internal affairs. We will continue to target large US companies, government, and infrastructure,” the hacker group said.

The group has also been taunting Microsoft with messages bragging about the attack. The group claimed that it had successfully conducted a DDoS campaign against Microsoft Outlook and Microsoft 365 services.

In its Telegram page, the hacker group also said that it was exploiting the services offered by Microsoft. The group noted that the fate of Microsoft services, which is a platform used by hundreds of millions of people daily, was under its command. It also added that Microsoft had failed to repel the DDoS attack despite it lasting for hours.

The hacker group has further taunted Microsoft, saying that the company lacked skilled cybersecurity experts. They urged the company to pay them $1 million to teach its cybersecurity team ways to mitigate the attack and for the hackers to stop the campaign.

Anonymous Sudan also shared the check-host URLs, which show that they were targeting “https://outlook.live.com/mail/o/.” This address is the main URL that is used for Outlook.com web services.

The claims made by Anonymous Sudan have yet to be authenticated. However, the Outlook service has remained rather slow, and it has been plagued by many outages that have happened in the last 24 hours. Microsoft has also yet to release a statement about the claims made by the hacktivists.

The outage on Outlook services comes as Microsoft patched a security vulnerability on the service early last month. The flaw in question could have allowed hackers to bypass all recent fixes on a critical Outlook zero-day vulnerability that was exploited.

The zero-day flaw is known as CVE-2023-29324, and it affects all the supported versions of Windows devices. The flaw was reported by Ben Barnea, a security researcher at Akamai Security. The flaw affects all the supported versions of Windows, leaving all Outlook client versions open to being exploited.

The zero-day flaw on Outlook was patched in March, and it could allow hackers to steal NTLM hashes without interactions with the users in the case of NTLM-relay attacks. Hackers could exploit the bug by sending messages with extended MAPI features with UNC paths, leading the Outlook client to connect to SMB shares that in their control.

Microsoft addressed the flaw by having a MapUrlToZone call that ensures UNC paths are not connected to internet URLs and by also replacing the sounds using default reminders.