"As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers. The actor used this information in some cases to launch highly targeted attacks as part of their broader campaign," said Microsoft.
Nobelium leveraged password-spraying and brute force methods to attack various customers, most of which were IT firms, but only three undisclosed entities were successfully compromised.
A Microsoft spokesperson said that the newest attack was not connected to a prior successful attack by Nobelium on the company, according to Reuters. SolarWinds has also denied being involved in the latest attack.