Microsoft has accused Russian hackers of a new assault on government agencies and think tanks using an e-mail marketing account of the U.S. Agency for International Development (USAID).
Microsoft Vice President Tom Burt said about this in a blog.
"This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations," he said.
Read also9News Australia sees massive cyber attack amid work on episode on PutinAccording to Burt, this wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations. At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work.
"Nobelium launched this week's attacks by gaining access to the Constant Contact account of USAID. Constant Contact is a service used for email marketing. From there, the actor was able to distribute phishing emails that looked authentic but included a link that, when clicked, inserted a malicious file used to distribute a backdoor we call NativeZone. This backdoor could enable a wide range of activities from stealing data to infecting other computers on a network," he said.
"Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020. These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts," Burt added.
