Microsoft said the hackers behind the SolarWinds cyberattack recently compromised a new trio of victims using access to one of the company’s customer support agents.
The hacked portal used by the individual agent contained information for a “small number of customers,” which the attackers used to launch a “highly-targeted” attack,” Microsoft said Friday in a blog post. The company said it has since removed the attackers and secured the compromised device.
Microsoft didn’t identify the victims but said it had alerted the hacked entities through its nation-state notification process. Microsoft’s Threat Intelligence Center attributed the attack to a group called “Nobelium.”
That’s the same group of state-sponsored Russian hackers who used sophisticated intrusion techniques in 2020 to infect with malware as many as 18,000 customers of the Texas-based software company, SolarWinds Corp.
Microsoft said Nobelium targeted IT companies, governments, non-profits, think tanks, and financial services entities across 36 countries during the recent attack. “The activity was largely focused on US interests, about 45%, followed by 10% in the UK, and smaller numbers from Germany and Canada,” the Redmond, Washington-based software maker said in the blog.
Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.