Microsoft has issued an alert to expose a targeted spear-phishing campaign launched by Russian hackers behind the SolarWinds hacking campaign to target more than 150 different organisations across sectors and conduct data exfiltration or additional malware deployment.
The targeted spear-phishing campaign, conducted by NOBELIUM, the hacker group behind the SolarWinds hacking campaign, was first detected in late January and since then, the hackers have used a variety of tools and techniques to make organisations click on malicious links and enable the deployment of malware into their networks.
According to the Microsoft Threat Intelligence Center (MSTIC), the spear-phishing campaign has so far targeted approximately 3,000 individual accounts across more than 150 organisations. The hackers have been found employing "an established pattern of using unique infrastructure and tooling for each target, increasing their ability to remain undetected for a longer period of time."
