In a post late Friday, the Microsoft team reported new activity by the Russian hacker group Nobelium against certain categories of users of company services. The hacking attempts also include user data in 36 countries, as well as Microsoft’s customer support hack.
“The Microsoft Threat Intelligence Center follows the new activities of the NOBELIUM threat author. Our investigation into the methods and tactics used continues, but we have seen both password spray and brute force attacks and we want to share some details to help our customers and communities protect themselves, ”said the MSRC.
“We responded quickly”
Microsoft said the group’s activities target specific customers, mainly IT companies (57%) and government agencies (20%). It focused mainly on the United States (about 45%), as well as the United Kingdom, Germany and Canada. However, Microsoft has indicated that it has taken steps to thwart attempts to protect its customers, whom it informs and helps ensure the security of their accounts.
“We responded quickly, removed access, and secured the device. The investigation is ongoing, but we can confirm that our support agents are configured with the minimum set of permissions required as part of our zero-trust “less privileged access” approach to customer information. We inform all affected customers and help them ensure the security of their accounts, ”the blog post clarifies. Last month, Microsoft previously reported on attacks by the Nobelium Group against 150 government agencies, think tanks, consultants, and non-governmental organizations in the United States, as well as in more than 20 countries. The company links the group with Russia.