The group, which Microsoft calls the Nobel Prize, has sent 3,000 email accounts to various organizations this week “Most of them are in the United States,” the company said in a statement Thursday. The hackers were part of the same Russian group behind last year’s devastating attack on SolarWinds, a software provider that targeted at least nine US federal agencies and 100 companies, he said.
The hackers behind one of the worst data breaches ever to hit the US government have launched a new global cyberattack on more than 150 government agencies, think tanks and other organizations, according to Microsoft https://t.co/4nzE2TfPFe
— CNN Breaking News (@cnnbrk) May 28, 2021
Ever since the information was leaked that hackers had malicious code in a tool published by SolarWinds, Cybersecurity has been a concern of the US government.
FBI comment after this cyber attack
A ransomware attack that shut down one of the most important parts of the US energy infrastructure – the colonial pipeline – earlier this month, only increased anxiety.
According to the FBI, the attack was carried out by a criminal group of Russian origin.
Microsoft said at least a quarter of this week’s targets were involved in international development, humanitarian work and human rights in at least 24 countries.
The article says Nobelium launched the attack with access to a permanent marketing account used by the United States Agency for International Development (USAID).
The company said: The attacks appear to be a continuation of several Nobel efforts to target government agencies involved in foreign policy as part of their intelligence-gathering efforts.
The Department of Homeland Security and the State Department did not immediately respond to a request for comment.
The cyberattack was for USAID
With access to a USAID account, hackers were able to send phishing emails that Microsoft said were “valid but have a link that clicks on a malicious file” that allowed hackers to gain access to computers from behind the door.
Microsoft said: This backdoor can steal a wide range of activities from infecting other computers on the network.
One of the fake emails, which appears to have originated from USAID, Includes a valid sender address. The email is presented as a “special signal” and recipients are invited to click on the “Document Review” link for former President Donald Trump on the election.
Microsoft said many attacks were automatically blocked. The company informed and targeted customers who were targeted. There is no reason to believe these attacks involve exploitation or vulnerabilities in Microsoft products or services.
US intelligence agencies said during the SolarWinds hack that the group in charge “probably originated in Russia.” He added that the attack was considered an act of espionage.
Microsoft reiterated this suspicion in a blog post on Thursday, saying that when combined with an attack on SolarWinds, it is clear that part of the Nobel gamebook is access to reputable technology vendors and infecting its customers.
The company said: With support for software updates and now widespread email providers, Nobelium increases the likelihood of further damage to spyware and undermines the credibility of the technology ecosystem.
The current attack is not the first because such attacks have been seen in the United States before, with US security intelligence always blaming Russia.