“These attacks appear to be Nobelium’s ongoing efforts to target government agencies involved in foreign policy. as part of its data collection efforts,” the company said.
US Department of Homeland Security and the US Department of State It did not immediately respond to a request for comment from CNN Business.
By accessing a USAID account, hackers can send phishing emails that Microsoft says “looks real. But there are links that, when clicked, insert malicious files” that allow hackers to access computers through the backdoor.
“This backdoor can enable a wide range of activities from stealing data to infecting other computers on the network,” Microsoft said.
Microsoft says many attacks are automatically blocked. The company is notifying targeted customers and said it has “no reason to believe that these attacks involve exploiting vulnerabilities or vulnerabilities in Microsoft products or services.”
US intelligence and law enforcement agencies At the time of the hack SolarWinds said the group responsible “Probably from Russia”, adding that the attack was believed to be an act of espionage.
Microsoft reiterated those questionable motives in a blog post on Thursday, saying: “Together with the SolarWinds attack, it’s clear that part of the Nobelium playbook is accessing trusted technology providers and infecting their customers.”
“With the use of numerous software updates and email providers, This allows Nobelium to increase the chances of collateral damage in espionage operations. and undermine confidence in the technology ecosystem,” the company said.