US software company already hit again: Microsoft announces remote cyber attack again.
Areas of the company in the United States and 23 more countries worldwide are affected!
“The wave of attacks targeted about 3,000 email accounts at more than 150 different companies,” Microsoft manager Tom Burt wrote Thursday (local time). On his blog. He is responsible for the “Security and Trust” section of the software company. According to Microsoft, the attack is ongoing.
According to Burt, the focus of the attacks is on government agencies, think tanks, consulting firms and NGOs in the United States. It was in March that the major attack on Microsoft’s Exchange tool took place. Tens of thousands of email servers were hacked during that time.
Burt’s opinion is that the Russian hacker group Nobelium is behind the current attack. The team was made for that Attack on Solar Winds in December Charged, which affected nuclear research centers in the United States.
“These attacks appear to be a continuation of Nobilium’s repeated attempts to target government agencies involved in foreign policy as part of intelligence,” Burt said in a statement.
In response to the Solar Winds attack, the United States imposed sanctions on Russia in April. Russian officials blamed the foreign intelligence service, SWR, for the attack. SWR rejected it.
In the current attack, Burtz claims that hackers have gained access to Constant Contact, an email marketing service used by the US Development Agency (USAID). From there, hackers would have sent phishing emails similar to real USIIT emails.
The emails have a link where you want to install the malware. This allows data theft and infection of other computers on a network.