Subscription hijacking on Microsoft Azure

1.0RiskInsighthttps://www.riskinsight-wavestone.com/en/Subscription hijacking on Microsoft Azure - RiskInsightrich600338<blockquote class="wp-embedded-content" data-secret="jhyJBcdpke"><a href="https://www.riskinsight-wavestone.com/en/2026/03/subscription-hijacking-on-microsoft-azure/">Subscription hijacking on Microsoft Azure </a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://www.riskinsight-wavestone.com/en/2026/03/subscription-hijacking-on-microsoft-azure/embed/#?secret=jhyJBcdpke" width="600" height="338" title="“Subscription hijacking on Microsoft Azure ” — RiskInsight" data-secret="jhyJBcdpke" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script type="text/javascript"> /* <![CDATA[ */ /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); //# sourceURL=https://www.riskinsight-wavestone.com/wp-includes/js/wp-embed.min.js /* ]]> */ </script> https://www.riskinsight-wavestone.com/wp-content/uploads/2026/03/Image5.png726484Subscription hijacking is a cloud attack first identified on Microsoft Azure: it consists of an attacker successfully transferring an Azure subscription from its original Azure organization to an organization under malicious control. This attack allows the attacker to take full control of the subscription and its content and even continue billing the original organization for their use of the stolen subscription.