A Russian Hacking group dubbed Nobelium has reportedly targeted more than 3000 Exchange Email server accounts from Microsoft operating across 150 US firms says a report released by Tom Burt, Corporate Vice President and Customer Security & Trust, Microsoft.
Microsoft report specifies that the threat actors are showing interest in only government agencies, think tanks, consultants, and NGOs working across North America and in some parts of Europe and have sidelined small and medium scale businesses for now.
While the majority of organizations victimized in the attack belong to the United States, some are also reportedly hailing from 16 countries says the report.
The good news is that the attacks were blocked by Windows Defender software and all of the targets were formally informed about the incident.
Nobelium is known to target government organizations by targeting Constant Contact accounts used for email marketing. Security experts say that they intend to steal intellectual property and use the device to infect other devices in the network.
We all know that the Constant Contact service is typically used in marketing campaigns. And the hacker/s from the Nobelium group are using the victimized machines to distribute phishing emails laced with malicious links that enable backdoors on the victimized machines.
Note 1- Early this year, a Chinese hacking group named Hafnium was reportedly involved in infiltrating thousands of Microsoft Exchange servers across the globe.
Note 2- In Nov last year, another Russian-funded hacking group was founded in the SolarWinds software hack that targeted most of the federal organizations across North America.