SolarWinds hackers compromise Microsoft employee to launch new attacks | SC Media
Third-party risk

SolarWinds hackers compromise Microsoft employee to launch new attacks

June 26, 2021
Microsoft said that Nobelium, the Russian nation-state hackers behind the SolarWinds attack, were able to infiltrate an employee computer to deploy attacks targeted at its customers across 36 countries, most of which were in the US, reports Ars Technica.

"As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers. The actor used this information in some cases to launch highly targeted attacks as part of their broader campaign," said Microsoft.

Nobelium leveraged password-spraying and brute force methods to attack various customers, most of which were IT firms, but only three undisclosed entities were successfully compromised.

A Microsoft spokesperson said that the newest attack was not connected to a prior successful attack by Nobelium on the company, according to Reuters. SolarWinds has also denied being involved in the latest attack.
prestitial ad