Blog Summary- Recent news declares that Office 365 malware attacks were not unknown to Microsoft. Did Microsoft have a reason for ignoring it?
A recent tweet has spun a controversy with a big reveal and the lack of security in none other than one of Microsoft’s popular products, Office 365. Yes, it might come as a shock to us that the Windows PC and its services, which are popularly used worldwide, are not making any effort to keep us safe. To know what we are talking about, read on!
A cybersecurity expert(The Analyst) along with former Microsoft’s security analyst (Kevin Beaumont) have claimed that Office 365 hosted malware on its service for a long time. Appalled, aren’t you? Thinking about how a company as big as Microsoft could fail to give us the protection we expect by paying for its services.
The Controversial Tweet That Raised A Question On Microsoft’s Security Expertise?
It all started with the enraged tweet from a Twitter user with the handle The Analyst. They were complaining about the inability of Microsoft to clear out the malware from its OneDrive and Office 365. They showed up with the snapshot of the OneDrive with multiple threats shown on it.
The Tweet from The Analyst reads –
“You all have read how #BazarLoader #BazaLoader leads to #ransomware,n particular #conti that doesn’t care that they target healthcare etc? Does @Microsoft have any responsibility in this when they KNOWINGLY are hosting hundreds of files leading to this, now for over three days?
This tweet from the cybersecurity researcher tells us how the malware named BazarLoader, also known as BazaLoader, is behind the ransomware attacks affecting the healthcare industry. With this malware being hosted on Microsoft services, will they take any responsibility for these attacks? BazarLoader is a dangerous malware that is known to sneak into computers and make them vulnerable for further attacks.
It is a known fact that Windows sees a large number of ransomware attacks. OneDrive became the current target with its lack of security for its users. This has sparked doubt among the Windows users for whether using Microsoft services such as Office 365 and OneDrive are safe at all?
To add to all this the affirming reply from the former Microsoft security analyst Tweeted –
Kevin Beaumont said – “Amusingly, while at MS we built a pipeline to alert Google Drive about Bazarloader to have the links taken down, hence why it happened so quickly (literally minutes). Now they’ve moved to Microsoft infrastructure, who have the pipeline, but can’t get Office to remove the files.”
This is something that added fuel to the fire about Microsoft’s carelessness about the vulnerability. Kevin mentioned how Microsoft used to provide security alerts to Google Drive previously, and ironically missed it for Office 365, their product. This depicts the complete negligence on their part. He clearly states that they should not be calling themselves security experts when they fail to remove the malware links from OneDrive.
This statement was in context to the previous malware hosted on other platforms such as Google and Cloudflare. Not only this, he Tweeted again with the proof of how it is also very hard to remove the malware from one’s account.
Kevin Beaumont Tweeted – Before the train of MS employees arrive saying ‘just report it’, try getting them and future ones taken down yourselves. I did. It was a disaster.
Check out Microsoft’s average reaction time (to abuse reports). They’re the world’s best malware holster for about a decade, due to O365.
This was again making a statement to show light to the ones who are not ready to believe the allegations. He also denied Microsoft’s claim of Windows Defender being capable of dealing with the malware. Thus, making OneDrive the true malware host from the past many years.
What Microsoft Said?
Earlier Microsoft defended and made statements where they ensured the security of its services. However, after the claims and hundreds of malware links shown by researchers, they started working on it. While a website with all the malware links reported has been taken into consideration. They did a clean drive to remove the malware links after being called out in public, although the BazarLoader malware links keep popping every day.
Wrapping up –
After all that is going down, we just expect more safety from Microsoft. We hope that Microsoft works lengths to remove malware from its services that are targeting the users. Moreover, we expect Microsoft to keep its eyes open for all such vulnerabilities in the future. Thus, bringing back the accessibility and comfort of using Windows PC with Microsoft services.
We hope this article will help you learn how Microsoft had known all about the malware attacks these years and how they neglected the issue until it was highlighted. We would like to know your views on this post to make it more useful. Your suggestions and comments are welcome in the comment section below. Share the information with your friends and others by sharing the article on social media.
We love to hear from you!
We are on Facebook, Twitter, and YouTube. For any queries or suggestions, please let us know in the comments section below. We love to get back to you with a solution. We regularly post tips and tricks along with solutions to common issues related to technology.