Security News > 2021 > May > Microsoft: SolarWinds hackers target govt agencies from 24 countries
The Microsoft Threat Intelligence Center has discovered that the SolarWinds hackers are behind an ongoing spear-phishing campaign targeting government agencies worldwide.
"While organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries."
The threat actors behind these attacks, a hacking group tracked as Nobelium by Microsoft and likely backed by the Russian government, sent the phishing emails using USAID's compromised Constant Contact account.
More details, including the attackers' motivation, the malicious behavior observed by Microsoft during the attacks, and best practices to defend against this ongoing campaign, can be found in MSTIC's report.
In December, the SolarWinds network management company was breached in a cyberattack that allowed the attackers to launch a supply chain attack targeting the company's customers.
The hacking group behind the SolarWinds supply-chain attack is tracked as Nobelium, NC2452, StellarParticle, SolarStorm, and Dark Halo.
News URL
Related news
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)