Another major cyberattack has recently hit several companies and government institutions. The origin of the attacks points to the same group that is responsible for the SolarWinds breach!
Microsoft warns that the Russian hacker group behind the recent SolarWinds attack has launched a new, wide-ranging offensive against US and international government agencies, public organizations, research centers, and NGOs.
According to the company, this time, the targets were mainly humanitarian and human rights organizations.
Investigations suggest that the wave of attacks may have affected around 3000 email accounts used by about 150 organizations – the majority of the targets were in the US.
According to Microsoft, the attack was carried out by a hacker group called Nobelium, which compromised the email marketing system used by the United States Agency for International Development (USAID).
After gaining control of the system, the attackers sent out well-crafted phishing emails in a classic disguise to the targets, spreading the NativeZone malware.
Thankfully, the attack has been automatically blocked on most targets, since Windows Defender recognizes and stops NativeZone before it can take over a system. Microsoft has notified all potentially affected customers of the attack.
Microsoft also stated that hackers used no vulnerabilities or security holes affecting Microsoft products in this attack.
In a blog post, Tom Burt, the company's vice president in charge, points out that economic-political motives are increasingly driving cyberattacks like this, citing earlier examples: attacks on vaccine development companies by Strontium, which also has a Russian background, and attempts to influence elections in the United States and other allied countries.