The Russian hackers allegedly violated the software of NGOs linked to the government agency for international aid USAID. The vice president of Microsoft writes it in his blog, Tom Burt. The Nobelium collective, most likely behind last year’s cyberattack on US private company SolarWinds, sent fraudulent emails to more than 3,000 accounts in more than 150 agency-related NGOs and think tanks, spread across 24 countries.
Maxi hacker attack on US institutions, suspects on Russian services
by our correspondent Federico Rampini
As with SolarWinds, the Nobelium hackers, linked to Russian intelligence, used a ‘back door’ called NativeZone capable of providing unlimited access to the software of the recipients, almost all critics of Moscow and supporters of the Russian dissident Navalnyj – writes Burt – “This week we have seen cyber attacks by Nobelium, against government agencies, think tanks, consultants and non-governmental organizations.”
At least a quarter of the targeted organizations are involved in international development, humanitarian issues and human rights work, Burt said.
The cyber-offensive takes place three weeks after the Putin-Biden meeting in Geneva. Last month Biden announced a series of new sanctions against Russia and the expulsion of diplomats for the SolarWinds hack operation, which has breached at least seven government agencies and hundreds of large American companies. Breach discovered only after 9 months, thanks to a cybersecurity company. US intelligence is certain that Moscow’s foreign secret services were behind the attack.
United States, the nuclear safety agency also hacked
by our correspondent Federico Rampini
Microsoft has highlighted how the attack on Usaid differs “significantly” from that on SolarWinds. New tools would be used to avoid detection. Burt writes in his post that the attack is still ongoing and that hackers continue to send scam mails at incredible speed. For this reason, Microsof has decided to make the cyber attack known, publishing samples of the fake emails.
This umpteenth attack, writes the New York Times, is a signal that Russian intelligence agencies do not intend to back down in the face of sanctions or even for the diplomatic expulsions decided in April. Moscow has always denied its involvement.
.