Microsoft has issued a warning that the group of Russian hackers believed to be behind the so-called SolarWinds attacks is now starting to attack the systems again.
According to Microsoft, this week, the Nobelium hacker group attempted to access more than 3,000 email systems of various Western governments, organizations, among others, for various human rights issues and chains of thought. The majority of attacks discovered by Microsoft are said to have occurred against US interests, but other Western targets have also been discovered that were affected. Microsoft writes in a statement:
“While organizations in the United States received the largest share of attacks, the targeted victims came from at least 24 countries. At least a quarter of the organizations targeted were involved in international development, humanitarian work and human rights. Nobelium, who originated from Russia, is the same actor behind the attacks on SolarWinds customers in 2020. ‘
The purpose of attacking email systems appears to be that they can be used to send emails that appear to come from those who have been attacked. These emails should contain NativeZone malware that could provide unauthorized access to the back doors of various systems. This can happen if recipients of email messages inadvertently click on links in the email that install NativeZone in their system.
Microsoft wrote that many of the attacks were automatically stopped by Windows Defender and that they are now informing customers that it believes they have experienced new attacks.