The Russian hacker group responsible for the SolarWinds hack in 2020 has launched a new attack that targets government organizations according to Microsoft and other non-government entities.
Experts at Microsoft believe that that hacker group Nobelium launched their attack earlier this month after gaining access to email marketing tools used by the U.S. Agency for Internal Development (USAID).
“These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts,” Tom Burt, Microsoft vice president of customer security and trust, wrote in a company blog post.
The attack seems to have targeted approximately 3,000 email addresses across 150 organizations and 24 countries, focusing on groups that work on international development and human rights.
Microsoft calls the attack an “active incident”, mostly comprised of phishing schemes that send emails designed to install malicious software onto the users computer.
Cybersecurity firm Volexity released a statement regarding the attack, saying that the low detection rate of phishing schemes could likely mean that the attackers have had some success infiltrating targeted systems.
Microsoft estimates that the campaign has been going on since January 2021 and has continued to evolve in its complexity as time has gone on.