Microsoft Claims Embassy Cyber-Spying in Moscow – But Offers Few Details

Microsoft is raising alarms over what it says is a long-running cyber-espionage operation targeting foreign embassies and diplomatic offices in Moscow.

In a blog post on Thursday, the company’s Threat Intelligence team claimed a hacking group known as “Secret Blizzard” or “Turla” has been active since at least 2024, allegedly using local internet service providers (ISPs) to spy on diplomats.

According to Microsoft, the hackers may be installing custom backdoors on computers linked to these networks, giving them a way to drop more malware and steal sensitive data. The tech giant didn’t name which embassies were supposedly targeted or share hard evidence that could be verified independently.

So far, nobody outside Microsoft has confirmed the claims. Russian officials haven’t commented, and neither the US State Department nor other diplomatic offices have weighed in.

This isn’t the first time Turla’s name has popped up in cybersecurity circles – researchers have linked the group to government and media hacks worldwide for nearly 20 years. But as with many high-profile cyber-spying allegations, the details remain murky, and independent proof is hard to come by.

With input from Al Jazeera