Microsoft announced the new activity of the Nobelium group, which supposedly consists of Russian-speaking hackers. In a blog post, the company said that a new series of attacks by the Nobelium group is directed against various companies in 36 countries around the world. Earlier it was reported that members of the said group were involved in attacks on SolarWinds customers.
“The Microsoft Threat Intelligence Center monitors new activity from Nobelium attackers. Our investigation of the methods and tactics used continues, but we have already documented spraying [using previously leaked passwords and generating new ones] and brute-force attacks. We want to share some details to help our customers and communities protect themselves, ”says Microsoft, which also highlights that most of the attackers’ attacks were unsuccessful.
According to available data, attacks by hackers were mainly carried out against IT companies (57%) and government organizations (20%). Significantly fewer cybercriminals were interested in nongovernmental institutions, think tanks and financial organizations. Hackers attacked companies from 36 countries around the world, but their activities were mainly directed against organizations from the United States, Great Britain, Germany and Canada.
Microsoft continues to monitor the activity of cybercriminals. The company recommends that its customers follow security guidelines and use two-factor authentication to protect their accounts. Note that in May this year, Microsoft accused Nobelium of attacking 150 companies from around the world.