In a blog post published Friday, Microsoft said it had discovered new attacks by Nobelium, a Russian hacking group that, along with a trojan that steals information, was also active on the computer of a Microsoft account manager and got access to customer information.
While Nobelium used this customer data for targeted phishing attacks against Microsoft customers, the company said the group carried out password sprays and brute force attacks to gain access to corporate networks.
In the blog post, Microsoft stated: “This activity was targeted at specific customers, primarily IT companies (57%), followed by government (20%), and smaller percentages for non-governmental organizations and think tanks, as well as financial services. The activity was largely focused on U.S. interests, about 45%, followed by 10% in the UK, and smaller numbers from Germany and Canada. In all, 36 countries were targeted.”
For more information, read the original story in Bleeping Computer.
