Summary: The legacy Microsoft Stream domain was hijacked to display a fake Amazon website promoting a Thai casino, affecting SharePoint sites with embedded videos. Users reported that their SharePoint pages showed spam instead of the intended video content. Microsoft has since taken measures to prevent further access to the compromised domain.
Affected: Microsoft Stream, SharePoint
Keypoints :
- The domain microsoftstream.com was redirected to a phishing site as of March 27, 2025.
- SharePoint sites using embedded videos from the classic domain displayed a spam page instead.
- Microsoft is investigating the incident but has not disclosed specific details about the hijack.
- The threat actors did not attempt to distribute malware, minimizing the impact of the hijack.