Microsoft reports previously undetected security breach while investigating SolarWinds hack

The group, which Microsoft refers to as Nobelium, gained access to Microsoft customer support tools that allowed the cyber thieves to view billing contact information, as well as what services customers were paying for. In some cases, Nobelium – described as a “sophisticated Nation-State associated actor” in a document seen by Reuters – used the data that it stole to launch “highly targeted attacks” as part of a larger hacking operation, the tech giant said. The breach is said to have occurred in the second half of May.

Microsoft warned affected customers to be careful when handling communications involving billing matters, and urged them to consider changing relevant usernames and email addresses. The company said that the phishing campaign targeted at least three entities, without providing further details. It also declined to disclose whether the customer service representative who was hacked was an official employee or a contractor. 

Nobelium has been accused of carrying out the infamous SolarWinds hack. The cyber attack, first reported in December, exploited backdoor access to a popular network-management program distributed by the Texas-based SolarWinds company. The security breach went undetected for months and is believed to have affected the systems of more than 100 companies around the world, as well as nine US government agencies. In March it was revealed that the SolarWinds exploit also allowed hackers to gain access to email accounts belonging to then-Acting DHS Secretary Chad Wolf and members of the department’s cybersecurity team.

Microsoft said that the customer service breach is not related to the SolarWinds incident, although it was discovered while probing the massive hack. 

In May, the software giant announced that it had uncovered a “wide-scale malicious email campaign” operated by Nobelium which used a mass-mailing service to “masquerade as a US-based development organization and distribute malicious URLs to a wide variety of organizations and industry verticals.”

Washington has claimed that Russian hackers are most likely behind the breach, but it has yet to back up the allegation with evidence. The Kremlin has strongly denied any involvement. 

© 2021, paradox. All rights reserved.
