{"id":261715,"date":"2021-05-28T20:41:30","date_gmt":"2021-05-28T17:41:30","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/hackers-behind-solarwinds-targeted-150-other-groups\/"},"modified":"2021-05-28T20:41:30","modified_gmt":"2021-05-28T17:41:30","slug":"hackers-behind-solarwinds-targeted-150-other-groups","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/hackers-behind-solarwinds-targeted-150-other-groups\/","title":{"rendered":"#Hackers behind SolarWinds targeted 150 other groups"},"content":{"rendered":"

#Hackers behind SolarWinds targeted 150 other groups<\/strong>”<\/p>\n

\n

The Russian hackers behind last year\u2019s massive SolarWinds data breach are back in action \u2014 and have targeted more than 150 organizations this week, according to Microsoft.<\/p>\n

The group, known as Nobelium, has targeted government agencies, think tanks, consultants and non-governmental organizations, Microsoft said. The majority of the victims are located in the US, but organizations in 24 countries have been targeted, according to the company.\u00a0<\/p>\n

\n
\"Emails
Emails app<\/a>eared to originate from USAID while having an authentic sender email address that matches the standard Constant Contact service.<\/figcaption>
Microsoft<\/span><\/figcaption><\/figure>\n<\/div>\n

This week\u2019s attack reportedly escalated after the hackers gained access to an online email marketing\u00a0 account used by the United States Agency for International Development, the foreign aid and development assistance arm of the federal government.\u00a0<\/p>\n

The hackers then used the mass-emailing marketing service Constant Contact on Tuesday to imitate the agency and \u201cdistribute malicious URLs to a wide variety of organizations and industry verticals,\u201d Microsoft said in a Thursday blog post<\/a>, adding that about 3,000 email accounts were targeted.\u00a0<\/p>\n

\u201cThese attacks appear to be a continuation of multiple\u00a0efforts by Nobelium\u00a0to\u00a0target government agencies involved in foreign policy\u00a0as part of\u00a0intelligence gathering efforts,\u201d Microsoft vice president of customers security and trust Tom Burt wrote in another blog post<\/a>.\u00a0<\/p>\n

The hacking campaign was known to Microsoft starting in January but escalated significantly when Nobelium accessed the USAID account this week, according to Microsoft.\u00a0<\/p>\n

\n
This image from Microsoft shows a shortcut that executes a hidden dll file that can be exploited by hackers.<\/figcaption>
Microsoft<\/span><\/figcaption><\/figure>\n<\/div>\n

\u201cWhen coupled with the attack on SolarWinds, it\u2019s clear that part of Nobelium\u2019s playbook is to gain access to trusted technology<\/a> providers and infect their customers,\u201d Burt said.\u00a0<\/p>\n

Nobelium first gained notoriety in December 2020 after gaining access to email accounts belonging to key US government officials, including then-acting Secretary of the Department of Homeland Security Chad Wolf and several members of the department\u2019s cybersecurity team.\u00a0<\/p>\n

The Russian government has denied responsibility for Nobellium\u2019s actions, but US President Joe Biden has blamed Moscow for the SolarWinds hack and sanctioned Russian government and intelligence officials in retaliation.\u00a0<\/p>\n

Microsoft stopped short of blaming Russia\u2019s government for the attack in Thursday\u2019s blog posts, but said that the goals of the hackers seemed to align with Moscow\u2019s foreign policy goals.\u00a0<\/p>\n

\u201cNobelium\u2019s activities and that of similar actors tend to track with issues of concern to the country from which they are operating,\u201d said Burt. \u201cThis is yet another example of how cyberattacks have become the tool of choice for a growing number of nation-states to accomplish a wide variety of political objectives, with the focus\u00a0of these attacks by Nobelium\u00a0on human rights and humanitarian organizations.\u201d\u00a0<\/p>\n

\"Hands
Hackers gained access to an online email marketing account used by the United States Agency for International Development, authorities said.<\/figcaption>
Alamy Stock Photo<\/span><\/figcaption><\/figure>\n

This week\u2019s events are sure to increase tension when Biden meets with Russian President Vladimir Putin on June 16 \u2014 the first face-to-face encounter between the two men since Biden was elected president.\u00a0\n <\/p><\/div>\n

If you liked the article, do not forget to share it with your friends. Follow us on\u00a0Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n

\n

For forums sites go to Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n

\n

If you want to read more News<\/a> articles, you can visit our News category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n

Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

“#Hackers behind SolarWinds targeted 150 other groups” The Russian hackers behind last year\u2019s massive SolarWinds data breach are back in action \u2014 and have targeted more than 150 organizations this week, according to Microsoft. The group, known as Nobelium, has targeted government agencies, think tanks, consultants and non-governmental organizations, Microsoft said. The majority of the…<\/p>\n","protected":false},"author":1,"featured_media":261716,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/nypost.com\/wp-content\/uploads\/sites\/2\/2021\/05\/microsoft-reports-bigger-solarwindshack2.jpg?quality=90&strip=all&w=1200","fifu_image_alt":"","footnotes":""},"categories":[70897],"tags":[107576,70513,70286,4975,73234],"class_list":["post-261715","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-5-28-21","tag-hacking","tag-microsoft","tag-russia","tag-vladimir-putin"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/261715","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=261715"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/261715\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/261716"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=261715"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=261715"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=261715"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}