Last week, Microsoft revealed that 3,000 email accounts involving more than 150 organizations in 24 countries had been targeted by a nation sponsored hacking group Microsoft calls “Nobelium,” which is the same group responsible for the Solar Winds attack.
The company and law enforcement have been warning U.S. organizations that government agencies, think tanks and non-governmental organizations are the targets of such attacks, but they aren’t the only targets.
Moreover, multi-level targeting is becoming common place, meaning that hackers are not just attacking a company. Increasingly, they’re targeting companies, their partners and customers whether by ransomware or other means.
Hacked eMail Accounts Used for Phishing
According to Microsoft, Nobelium reportedly gained access to the U.S. Agency for International Development (USAID) Constant Contact email account and launched a phishing campaign which included a malicious link that distributes what Microsoft calls the “NativeZone” backdoor. The backdoor can be used to infect computers, steal data and do other harm.