- Phishing security – The Nobelium hacker group has been identified in a new cyber-attack alert published by Microsoft.
- Over 3000 accounts belonging to government and non-government organizations have already been hacked.
- Tom Burt of Microsoft explains how this phishing scheme works against its victims.
- Because the malicious party is using a former USAID account, the attack attempts are now more plausible.
Now that attack levels have begun to rise again, Microsoft has issued a critical cybersecurity warning for everyone out there. Nobelium, a Russian-backed outfit, is at it again, and the strategies they used this time could fool even the most alert watchers.
Nobelium is phishing via a hacked USAID account.
As previously stated, Russian hackers have gained access to a Constant Contact email marketing platform previously used by USAID in order to carry out their nefarious activities.
According to estimates, the phishing scheme targeted approximately 3000 accounts associated with government agencies, consultants, think tanks, and other non-governmental groups.
Despite the fact that Nobelium’s efforts were primarily focused on the United States, the harmful content appears to have spread to more than 24 nations, according to Microsoft.
Tom Burt, Microsoft Vice President for Customer Services and Confidence, explained how the Native Zone malware is inserted into victims' machines.
To keep blame away from Microsoft, Burt said that many of the email messages were blocked, and he ruled out any vulnerability in Microsoft products so that people would not think system defects had facilitated these attacks.
How does Nobelium attack its victims?
The emails sent by the hackers contain a link, and clicking it is almost like handing over the keys to your home.
After the link is clicked, an ISO containing a decoy document, a shortcut and a DLL with a Cobalt Strike Beacon loader (Native Zone) is delivered to the machine in question.
The DLL runs when the user opens the shortcut, after which Nobelium has free access to all your data and can extract any information they want.
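As a defender's view of the delivery chain described above, the following added example (not from Microsoft or the original article) triages a disk image's file listing for the shortcut-plus-DLL combination. The function names, the extension sets and the sample listings are assumptions constructed for illustration; the listing itself is assumed to come from whatever tool enumerates the image at the mail or web gateway.

```python
from pathlib import PurePosixPath

# Roles named in the article: decoy document, shortcut, DLL.
# The extension sets below are assumptions for illustration.
ROLE_BY_EXT = {
    ".lnk": "shortcut",
    ".dll": "dll",
    ".pdf": "decoy_document", ".doc": "decoy_document",
    ".docx": "decoy_document", ".rtf": "decoy_document",
}


def classify_members(members):
    """Map each role to the image members that fill it (case-insensitive)."""
    roles = {}
    for name in members:
        # Normalise Windows separators and drop an ISO 9660 ";1" version suffix.
        clean = name.replace("\\", "/").split(";")[0]
        role = ROLE_BY_EXT.get(PurePosixPath(clean).suffix.lower())
        if role:
            roles.setdefault(role, []).append(clean)
    return roles


def triage_image(members):
    """Return (verdict, roles) for one disk image's file listing."""
    roles = classify_members(members)
    # A shortcut shipped next to a DLL is the pairing the article describes:
    # the shortcut is what the user opens, the DLL is what then runs.
    has_chain = "shortcut" in roles and "dll" in roles
    if has_chain and "decoy_document" in roles:
        return "block", roles
    if has_chain:
        return "review", roles
    return "allow", roles


# Constructed listings, not real samples.
SAMPLES = {
    "full-chain.iso": ["Report.lnk", "helper.dll", "report.pdf"],
    "no-decoy.iso": ["open me.LNK", "bin/x.dll"],
    "installer.iso": ["SETUP.EXE;1", "LIB\\CORE.DLL;1"],
}

if __name__ == "__main__":
    for image, listing in SAMPLES.items():
        verdict, roles = triage_image(listing)
        print(f"{image}: {verdict} {roles}")
```

A DLL without a shortcut is left alone here because ordinary installer images ship libraries too; it is the pairing that separates the two cases.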
Microsoft first learned of this malware distribution in February 2021, as detailed in the Microsoft Threat Intelligence Center article.
According to Tom Burt, Microsoft has put itself on the line in the fight against these malicious groups and has enlisted the support of other nations that are ready to stand up and take action against cyber oppression.
Remember that the internet holds more than cool wallpapers, great music and funny cat videos. Everybody's first concern should be to stay protected in this dangerous online environment.
We will keep an eye on this evolving story and let you know of any changes that may happen in this matter. As you may know, we cover issues involving serious threats such as ransomware.