The SolarWinds hacker group who carried out one of the most comprehensive and sophisticated cyber-attacks last year is again in the spotlight.
In late May, Nobelium carried out a large-scale phishing attack by compromising the email marketing system used by the United States Agency for International Development (USAID).
Microsoft has once again drawn attention to the attack as it was indirectly affected.
One of its product support subcontractors was hacked, and customer billing data was allegedly stolen – the attack was carried out by the same hacker group Nobelium that coordinated the SolarWinds hacks last year.
While using traditional phishing methods, the attack was largely unsuccessful. Microsoft again urges those affected or potentially affected to strengthen their security defenses to better protect against similar attacks.
Based on Microsoft's latest analysis, the most recent attack primarily targeted companies in the IT industry (57% of the affected this sector), but many other businesses and agencies were also targeted. Thirty-six countries were affected, with the most attacks occurring in the United States of America (about 45%).
Thus far, investigations have shown that the attackers have succeeded on only three occasions, one of which was an unnamed Microsoft subcontractor that accessed a range of billing data.
Microsoft said that the attackers used the data obtained to carry out further targeted attacks. All the affected companies have been informed about the incident, and the compromised access has been blocked.
Source: https://msrc-blog.microsoft.com/2021/06/25/new-nobelium-activity/
