Russian hackers behind fresh US cyberattack: Microsoft
Describing the cyberattack as "nation-state activity", MSTIC said it "shares the hallmarks" of the assault on SolarWinds, a Texas-based software company targeted as its 300,000-strong customer base gave the hackers access to a huge number of compa...
By AFP | Updated:
Agencies
The state-backed Russian hacking group that carried out last year's massive SolarWinds cyberattacks is behind a new and ongoing assault against US and European targets, Microsoft said Monday.
The software giant's Threat Intelligence Center (MSTIC) said in a blog post that the Nobelium group was attempting to gain access to customers of cloud computing services and other IT service providers to infiltrate "the governments, think tanks, and other companies they serve".
Describing the cyberattack as "nation-state activity", MSTIC said it "shares the hallmarks" of the assault on SolarWinds, a Texas-based software company targeted as its 300,000-strong customer base gave the hackers access to a huge number of companies.
Washington imposed sanctions in April and expelled Russian diplomats in retaliation for Moscow's alleged involvement in the SolarWinds attack, as well as election interference and other hostile activity. The latest attack has been underway since at least May, MSTIC said, with Nobelium deploying a "diverse and dynamic toolkit that includes sophisticated malware".
"Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain," Microsoft V-P Tom Burt wrote in a blog post published late Sunday. This time, Burt noted, Nobelium is targeting "resellers" - companies that customise Microsoft's cloud computing services for use by businesses and other organisations.
"Since May, we have notified more than 140 resellers and technology service providers that have been targeted by Nobelium," he wrote.
The software giant's Threat Intelligence Center (MSTIC) said in a blog post that the Nobelium group was attempting to gain access to customers of cloud computing services and other IT service providers to infiltrate "the governments, think tanks, and other companies they serve".
Describing the cyberattack as "nation-state activity", MSTIC said it "shares the hallmarks" of the assault on SolarWinds, a Texas-based software company targeted as its 300,000-strong customer base gave the hackers access to a huge number of companies.
Washington imposed sanctions in April and expelled Russian diplomats in retaliation for Moscow's alleged involvement in the SolarWinds attack, as well as election interference and other hostile activity. The latest attack has been underway since at least May, MSTIC said, with Nobelium deploying a "diverse and dynamic toolkit that includes sophisticated malware".
"Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain," Microsoft V-P Tom Burt wrote in a blog post published late Sunday. This time, Burt noted, Nobelium is targeting "resellers" - companies that customise Microsoft's cloud computing services for use by businesses and other organisations.
"Since May, we have notified more than 140 resellers and technology service providers that have been targeted by Nobelium," he wrote.
ADVERTISEMENT
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
Related Articles
YouTube earns more from Xbox games than Microsoft: CEO Satya NadellaADVERTISEMENT
