Security News > 2021 > June > SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers
In yet another sign that the Russian hackers who breached SolarWinds network monitoring software to compromise a slew of entities never really went away, Microsoft said the threat actor behind the malicious cyber activities used password spraying and brute-force attacks in an attempt to guess passwords and gain access to its customer accounts.
Nobelium is the name assigned by Microsoft to the nation-state adversary responsible for the unprecedented SolarWinds supply chain attacks that came to light last year.
Microsoft said it detected information-stealing malware on a machine belonging to one of its customer support agents, who had access to basic account information for a small number of its customers.
The stolen customer information was subsequently used "In some cases" to launch highly-targeted attacks as part of a broader campaign, the company noted, adding it moved quickly to secure the device.
The development also marks the second time the threat actor singled out Microsoft after the company disclosed earlier this February the attackers managed to compromise its network to view source code related to its products and services, including Azure, Intune, and Exchange.
What's more, the disclosure comes as the U.S. Securities and Exchange Commission opened a probe into the SolarWinds breach to examine whether some victims of the hack had failed to publicly disclose the security event, Reuters reported last week.
News URL
Related news
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)
- CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)
- U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks (source)
- Microsoft breach allowed Russian spies to steal emails from US government (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)