Security News > 2021 > June > SolarWinds backdoor gang pwns Microsoft support agent to turn sights on customers

The spies who backdoored SolarWinds' Orion software infiltrated Microsoft's support desk systems last month and obtained information to use in cyber-attacks on some of the Windows giant's customers, it was reported.

Microsoft customers targeted by the support desk intruder have been alerted.

The caper was detected during what sounds like an investigation into a wider phishing campaign that, as it turned out, hooked a Microsoft support agent, who had access to customers' contact information, lists of their cloud subscriptions, and other records.

"A sophisticated nation-state associated actor that Microsoft identifies as NOBELLIUM accessed Microsoft customer support tools to review information regarding your Microsoft Services subscriptions," the IT giant told those clients, Reuters reported first on Friday.

The scheme, dubbed Rally, will let Firefox users install a plugin that lets them share some of their user data and personal information with academics researching how people use the internet and what data they are actually having to share to do so.

"Cyber Flag 21-2 tested the best and brightest cyber protection teams. This exercise assessed their tactical cyber skills while collectively improving our cyber resiliency. I'd also like to congratulate the Royal Canadian Navy's Cyber Protection Team, the winner of this year's event," said General Paul Nakasone, US Cyber Command commander, presumably through slightly gritted teeth.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/06/26/in_brief_security/