Recently, Microsoft issued a statement in which the tech giant denied rumors about its communication team and collaboration platform being used by cyber-perps to plant ransomware in enterprise networks. Origin of the rumor is still unknown, but the rumor made its rounds on the internet from early November after attacks on various companies in Spain. The twitter accounts that were not part of the investigation put forward a statement that Microsoft teams were the infection point. When Spanish news outlets published about this issue without any merit, the rumor gained significant momentum. Director of Incident Response at the Microsoft Security Response Center (MSRC) Simon Pope stated that the company had been actively investigating all the recent attacks caused by malicious actors using Dopplepaymer ransomware.
Security teams at Microsoft investigated this issue, and they found no evidence to support these allegations. They also found that this malware depends on human operators that use existing Domain Admin credentials to infect enterprise networks. The tactic to gain access to one computer in the enterprise and extract credentials to spread the infection to other computers is common. Windows Defender provides protection against malware attacks, and the company is also committed to providing help to governments and businesses to prevent cyber threats.