USAID Email Phishing Campaign Shows Supply Chain Threats Continue
A Russian-based group’s cyberattack in late May on a range governmental agencies, think thanks, non-governmental agencies (NGOs) and the like around the world highlight the growing threat from software supply chain campaigns like the high-profile SolarWinds hack that was perpetrated by the same cybercriminals last year.
Cybersecurity experts at both Microsoft and SecureWorks said that the hacker group – called Nobelium by Microsoft but which also is known as APT29 – accessed the Constant Contact email marketing account used by the U.S. Agency for International Development (USAID) to launch phishing campaigns against a broad array of targets.
Microsoft Reveals Another Alleged CyberAttack By Nobelium southfront.org - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from southfront.org Daily Mail and Mail on Sunday newspapers.
In a blog post detailing the research, the tech giant said it is in the process of notifying all of its customers who had been attacked by the Nobelium hacking group, which is thought to be backed by the Russian state.
Nobelium is said to have been behind December 2020 s SolarWinds hack, which saw hundreds of companies, as well as nine US governmental agencies, have their networks infiltrated. Although widely believed to have been orchestrated by the Russian government, the head of the Russian Foreign Intelligence Service (SVR) has denied any involvement in the incident and has branded the accusations pathetic .