Microsoft customer support agent was compromised in SolarWinds hacker attack


The group behind the massive SolarWinds hack recently launched another round of cyber attacks, and one of the victims was a Microsoft customer support agent. Microsoft has disclosed in a blog post that it is tracking new activity from a group it calls Nobelium. "Most of this recent campaign was unsuccessful," the company said, and the group failed to penetrate most of its targets. However, the attackers managed to compromise at least three entities, and as part of the ongoing investigation, Microsoft also found information-stealing malware on a machine belonging to one of its customer support agents.

The technology giant is still investigating the methods the attackers used, but has so far seen evidence of password spraying and brute-force attacks. Its initial report did not name the three compromised entities, nor did it state whether the attackers obtained their information from machines owned by the company's customer support representatives. However, Microsoft does acknowledge that the agent's machine had access to basic account information for a small number of its customers, and that the attackers used this information to launch highly targeted attacks.

The company said it responded quickly and was able to remove the group's access to the customer support agent's device. It is also notifying the compromised entities and all other targets through its nation-state notification process. U.S. officials believe Russia is behind the SolarWinds hackers, and Nobelium has previously been linked to the country's intelligence agencies.

Just last month, Microsoft found that the same group had been carrying out a sophisticated email-based spear-phishing campaign against government agencies, think tanks, and NGOs. After infiltrating the mass-mailing service used by the United States Agency for International Development (USAID), it sent malicious emails to its targets. This new campaign focuses more on IT companies, but it also targets government organizations and non-governmental organizations on a smaller scale. As with previous activity, Nobelium has targeted entities located in the United States in its recent series of attacks. Approximately 10% of the targets are located in the United Kingdom, while a smaller number are located in Germany and Canada.
