According to Microsoft SolarWinds hackers are targeting 150 organizations. The Russian based hacking group has launched a new campaign, it appears to be targeting a number of government and non-government organizations
Microsoft in its blog post suggests Nobelium launched current attacks after getting access to an email marketing service used by the United States Agency for International Development, or USAID.
They managed to send phishing emails to more than 3000 users’ email accounts, to lure them into handing over sensitive information or downloading harmful software, according to the tech giant.
What is the Hack all about?
According to Microsoft, Nobelium gained access to an email marketing account used by the U.S Agency for International Development, the federal government’s aid agency, on a platform called Constant Contact.
Microsoft said when users click the link, a malicious file gets installed on their system. This allows Nobelium to gain access to the compromised machines.
Microsoft was able to detect the attack through the work of its threat intelligence center in tracking “nation-state actors.”
According to Microsoft President Brad Smith, it is “the largest and most sophisticated attack the world has ever seen.”
The agency further said, “USAID has notified and is working with all appropriate Federal authorities, including the U.S. Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA).”
Bazaloader Phishing Attack Tricks People into Installing Malware on their Windows PC
Self-Defending SSD That Protects Data From Ransomware Attacks
Microsoft Warns Users of Data Stealing Malware it Pretends to Be Ransomware