Microsoft reports large-scale hacker attack, Russian Federation is suspected

Source: 112 Ukraine

Hackers gained access to the United States Agency for International Development (USAID) account in the Constant Contact e-mail service
13:43, 28 May 2021

Microsoft this week recorded a large-scale hacker attack that used phishing against U.S. and foreign government agencies and think tanks, the company's press service reported.

"This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations. This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations. While organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries. At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work. Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020. These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts," the message reads.

Nobelium launched this week’s attacks by gaining access to the Constant Contact account of USAID. Constant Contact is a service used for email marketing. From there, the actor was able to distribute phishing emails that looked authentic but included a link that, when clicked, inserted a malicious file used to distribute a backdoor we call NativeZone. This backdoor could enable a wide range of activities from stealing data to infecting other computers on a network.


Earlier it was reported that a dozen states on the U.S. East Coast suffered fuel shortages after the brief shutdown of the Colonial Pipeline company's facility. That, in turn, was caused by the hacker attack on the infrastructure.
