Microsoft has recorded new cyberattacks by the Nobelium hacker group against the company’s users and their data in 36 countries, according to the company’s blog. Most of the hacker attacks were unsuccessful. According to Microsoft, Nobelium is based in Russia and involved in attacks on SolarWinds customers.
“The Microsoft Security Threat Intelligence Center is monitoring new activity from attacker Nobelium. Our investigation into the methods and tactics used continues, but we noticed password spraying and brute-force attacks, ”the company said. At the same time, most of the hackers’ actions were unsuccessful, only three institutions were identified, to whose accounts hackers got access, company employees work with these organizations.
According to Microsoft, attacks were carried out on IT companies (57%), government agencies (20%) and non-governmental organizations, think tanks and financial services. Activity was recorded in the USA (about 45%), Great Britain (10%), Germany, Canada and other countries, there were 36 of them in total.
At the end of May, Microsoft announced that more than 150 organizations from 24 countries of the world were subjected to a massive cyberattack. The company claims that the group with “Russian roots” involved in the attack, Nobelium, is also responsible for the largest breach of US government structures in 2020. The Kremlin called the accusations “abstract” and “unfounded” and called on the company to explain its statement.
Read more about the attacks in the Kommersant article “Cyber troops came from where they were expecting.”