Microsoft warns of ‘sophisticated’ Russian email attack targeting government agencies

Microsoft has warned of an ongoing “sophisticated” cyber attack that is believed to have come from hackers connected to Russia behind the SolarWinds hack. In a blog post, Tom Burt, Microsoft’s vice president of customer security and trust, said the attack appears to be targeting government agencies, think tanks, consultants, and NGOs. In total, it is estimated that about 3,000 email accounts are targeted at 150 organizations. The victims are spread in over 24 countries, but it is believed that the majority are in the United States.

According to Microsoft, a hacker from a threat actor named Nobelium was able to send a real-looking phishing email by compromising an account at the U.S. International Development Organization in a marketing service called Constant Contact. Microsoft’s post contains a screenshot of one of these emails claiming to contain a link to Donald Trump’s “Election Fraud Documents”. However, clicking this link installs a backdoor that allows attackers to steal data or infect other computers on the same network.

In a statement, a spokesperson for Constant Contact said, “We know that the account credentials of one of our customers have been compromised and used by a malicious actor to gain access to the customer’s Constant Contact account. “This is an isolated case, and we temporarily disabled the affected accounts while working with clients working with law enforcement agencies.”

Microsoft believes that many attacks have been automatically blocked and that Windows Defender antivirus software also limits the spread of malware. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency acknowledged Microsoft’s blog post and encouraged managers to apply “needed mitigations”.

These malicious emails are a warning that supply chain cyberattacks against U.S. organizations show no signs of slowing down and that hackers are updating their methods as previous attacks become public. In its post, Microsoft establishes a new international norm governing “the behavior of national states in cyberspace” and calls for expectations of the consequences of violating them.

The U.S. government has accused Russian foreign intelligence agency SVR for hacking SolarWinds. Bloomberg Russian President Vladimir Putin denied Russian intervention. It is estimated that the attack damaged about 100 private companies and 9 federal agencies. It is estimated that up to 18,000 SolarWinds customers have been exposed to malware. In response, President Biden announced new sanctions against Russia and expelled 10 Russian diplomats from Washington. Bloomberg report.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Discover

Sponsor

Latest

Microsoft Surface Pro 7 Plus review: built for business

You can now put 5 years worth of Surface Pro devices side by side, and it's almost impossible to tell them...

Samsung’s new Galaxy Watch gets a walkie talkie feature of its own

Samsung has launched a new Walkie Talkie app for the Galaxy Watch 4 and Watch 4 Classic. The release of...

The best open-ear headphones for bike riding

Like many people, I have had most of the epidemic that rekindled my love of cycling. When I go out,...

Best 10 Best Indian Fashion and Lifestyle Magazines for 2019-2020

Lifestyle and fashion are more than just clothing. However, shoes, accessories, makeup, body piercings or hairstyles stand out, but fashion exams...

How Your Phone Ringing Affects Others – Top10Brands.online

The effects of cell phone ringtones on intellectual performance were investigated in four tests. In Experiments 1 and 2, the effects of...