You probably didn’t hear it here first but the incredibly impressive thing about modern hacking groups is how darned cheap they are – in every sense of that word.

Why pay for cloud services when you can borrow free ones from large providers? Or, for that matter, make your own malware when you can re-purpose well-engineered tools made by other, more talented people?

It’s the low-budget MO that seems to get the people behind the allegedly Chinese Gadolinium hacking group out of bed in the morning, at least according to a new Microsoft report on the group’s recent activities.

In its detecting empires in the cloud report, the company details how in mid-April the Microsoft Threat Intelligence Center (MSTIC) spotted and suspended 18 Azure Active Directory applications that were being used by the threat