CISA-FBI Alert: 350 Organizations Targeted in Attack Abusing Email Marketing Service (Security News, May 2021)
An alert released on Friday by the FBI and the DHS's Cybersecurity and Infrastructure Security Agency revealed that the number of organizations targeted in a recent attack abusing a legitimate email marketing service was higher than initially reported.
Microsoft reported last week that the Russia-linked threat actor it tracks as Nobelium, which is believed to be responsible for the SolarWinds supply chain attack, had been abusing a legitimate mass email service named Constant Contact to target government and other types of organizations in the United States and a dozen other countries.
According to the FBI and CISA, the attackers actually sent spear-phishing emails to over 7,000 accounts at 350 organizations, including government, non-governmental and intergovernmental organizations.
In their joint alert, CISA and the FBI acknowledge the reports linking the USAID-themed attack to APT29, but the agencies say they have yet to attribute the campaign to any threat actor.
In their alert, the two agencies don't mention the link to the SolarWinds attack, and they don't name the government agency being impersonated.
CISA and the FBI have shared indicators of compromise that organizations can use to detect attacks.