Kaspersky compromised token

Type

Actors

Pub. date

November 1, 2021

Initial access

Impact

Data exfiltration

References

https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/

Status

Not started

Last edited

Mar 6, 2025 3:24 PM

An access token, with permissions to SES, was stolen from a Kaspersky third party contractor. The compromised token was used by threat actors behind a spear-phishing campaign targeting Office 365 users.