RUSSIAN HACKERS LAUNCH ATTACK THROUGH USAID EMAIL SYSTEM, MICROSOFT SAYS

Tech World

Sat 29 May 2021:

A Russian hacker group known as Nobelium has launched another sweeping cyber attack, this time using the US Agency for International Development’s (USAID) email system, Microsoft has said.

Microsoft said in a blog post Thursday that the hacking group, known as Nobelium, had targeted over 150 organizations worldwide in the last week, including government agencies, think tanks, consultants and nongovernmental organizations.

They sent phishing emails — spoof messages designed to trick people into handing over sensitive information or downloading harmful software — to more than 3,000 email accounts, the tech giant said.

 The SolarWinds cyber attack, which used software updates to compromise thousands of computer systems, led to the US expelling 10 Russian diplomats from the country, and imposing sweeping sanctions on 32 Russians.

At least 25% of the targeted organizations are involved in international development, humanitarian and human rights work, said Tom Burt, Microsoft’s corporate vice president of customer security and trust.

 “These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts,” Burt said.

Nobelium’s most recent attack used USAID’s email system to launch a phishing attempt that targeted 3,000 email accounts at over 150 organizations in at least 24 countries. Human rights-focused think tanks, consultant groups and non-governmental organizations were among the targets.

The phishing emails appeared authentic, but had a link that downloaded a malicious file when it was clicked. It installed a backdoor to the computer system Microsoft calls “NativeZone” that “could enable a wide range of activities from stealing data to infecting other computers on a network.”

Part of the reason behind the attack is to “gain access to trusted technology providers and infect their customers”

“By piggybacking on software updates and now mass email providers, Nobelium increases the chances of collateral damage in espionage operations and undermines trust in the technology ecosystem,” Microsoft said.

“This is yet another example of how cyberattacks have become the tool of choice for a growing number of nation-states to accomplish a wide variety of political objectives, with the focus of these attacks by Nobelium on human rights and humanitarian organizations,” it added.

Microsoft appealed for the international community to establish “clear rules governing nation-state conduct in cyberspace and clear expectations of the consequences for violation of those rules.”

FOLLOW INDEPENDENT PRESS:

TWITTER (CLICK HERE)
https://twitter.com/IpIndependent

FACEBOOK (CLICK HERE)
https://web.facebook.com/ipindependent

Think your friends would be interested? Share this story!

Leave a Reply

Your email address will not be published. Required fields are marked *