Microsoft: Russian hackers launch attack through USAID email system

Microsoft: Russian hackers launch attack through USAID email system

Attack linked to same hacker group behind sweeping SolarWinds attack

By Michael Hernandez

WASHINGTON (AA) - A Russian hacker group known as Nobelium has launched another sweeping cyber attack, this time using the US Agency for International Development's (USAID) email system, Microsoft has said.

The attack, which is suspected of targeting 3,000 email accounts at over 150 different organizations, was carried out by the same hacking group behind the SolarWinds hack, Microsoft said in a blog post on Thursday.

The SolarWinds cyber attack, which used software updates to compromise thousands of computer systems, led to the US expelling 10 Russian diplomats from the country, and imposing sweeping sanctions on 32 Russians.

Nobelium's most recent attack used USAID's email system to launch a phishing attempt that targeted 3,000 email accounts at over 150 organizations in at least 24 countries. Human rights-focused think tanks, consultant groups and non-governmental organizations were among the targets.

The phishing emails appeared authentic, but had a link that downloaded a malicious file when it was clicked. It installed a backdoor to the computer system Microsoft calls "NativeZone" that "could enable a wide range of activities from stealing data to infecting other computers on a network."

Part of the reason behind the attack is to "gain access to trusted technology providers and infect their customers"

"By piggybacking on software updates and now mass email providers, Nobelium increases the chances of collateral damage in espionage operations and undermines trust in the technology ecosystem," Microsoft said.

"This is yet another example of how cyberattacks have become the tool of choice for a growing number of nation-states to accomplish a wide variety of political objectives, with the focus of these attacks by Nobelium on human rights and humanitarian organizations," it added.

Microsoft appealed for the international community to establish "clear rules governing nation-state conduct in cyberspace and clear expectations of the consequences for violation of those rules."

Kaynak:Source of News

This news has been read 281 times in total

ADD A COMMENT to TO THE NEWS
UYARI: Küfür, hakaret, rencide edici cümleler veya imalar, inançlara saldırı içeren, imla kuralları ile yazılmamış,
Türkçe karakter kullanılmayan ve büyük harflerle yazılmış yorumlar onaylanmamaktadır.
Previous and Next News