Microsoft has reported on the new activity of the hacker group Nobelium, which is associated with Russia, against the company’s users and their data in 36 countries, mainly in the United States and the United Kingdom, as well as the hacking of the Microsoft customer support service device.
In May, Microsoft has already accused hackers from Nobelium of attacking 150 different government agencies, analytical institutes, and non-governmental organizations in the United States and more than 20 countries around the world. The company associates hackers from Nobelium with Russia and believes that this group was behind the hacking of SolarWinds in 2020.
According to Microsoft, the hackers targeted certain users, including IT companies (57%), government agencies (20%), as well as to a lesser extent non-governmental organizations, analytical centers, and financial services. The activity was mainly focused on the United States (about 45%), the United Kingdom (10%), Germany, Canada, and other countries.
“The Microsoft Security Threat Intelligence Center is tracking new activity from the Nobelium attacker. Our investigation of the methods and tactics used is ongoing, but we have noticed password spraying and password brute force attacks,” the company said in a statement.
It is also reported that the hackers managed to install malware on a device belonging to the Microsoft customer support service and gain access to some information that was used for a broader activity.
However, it is noted that most of the hackers ‘ actions were unsuccessful. At the moment, only three institutions are known, to whose accounts hackers managed to get any access, employees of the company contact these organizations. Microsoft encourages users to take measures to ensure the protection of their data.