Microsoft has revealed a new cyberattack by the same group responsible for the SolarWinds Hack.

In a statement posted on the Microsoft Security Response Center website, the company said that the most recent attack was "mostly unsuccessful," but that it is aware of three compromised entities.

Per a report by Bloomberg, a support agent's computer was compromised in the attack. The victims have been notified via Microsoft's nation-state notification process. The hacked computer had access to information on a small, limited number of customers.

Microsoft Hacker Attack: Blame Falls on Nobelium

Microsoft has identified a group called Nobelium as the culprit behind the attack. 

According to Bloomberg, Nobelium is a state-sponsored Russian hacking group that targets IT companies, governments, financial service entities, and even non-profit organizations.

It is also the same group of hackers responsible for the SolarWinds Hack that happened last year. 

"Our investigation into the methods and tactics being used continues," the company assured in its statement.

Just last month, Microsoft was able to stop Nobelium's plans to distribute malware through email URLs. The threat, which had been trying to get into the company's systems as early as January, was detected by the Microsoft Threat Intelligence Center.

SolarWinds Hack: What Happened

SolarWinds is a software company based in Texas that focuses on helping businesses manage their networks and systems through its products. The company was founded in 1999 by brothers David and Donald Yonce.

The company was the victim of a sophisticated malware attack last year that infected around 18,000 of its customers. The breach was reported to the Securities and Exchange Commission on December 15, but the malware-infected digital certificates were not revoked until the 21st.

Until the compromised certificates were revoked, SolarWinds' malware-infected updates continued.

Experts have since claimed that the company's password, "solarwinds123," made it very vulnerable to cyberattacks. It has since been clarified that the password was used for "a third-party vendor application and not for access to the SolarWinds IT systems," and that the application was likewise not connected to the company's IT systems.

SEC Probes SolarWinds Hack Victims

In response to the SolarWinds Hack, the SEC has opened a probe into the attack that focuses specifically on the companies involved. The probe aims to check whether there are companies that have failed to disclose that they were victimized by the attack, according to Reuters.

Voluntary information requests have been issued by the SEC to multiple companies. These requests seek to determine the impact of the SolarWinds Hack. Companies and other entities that have received the request have only a week from the date of delivery to respond to the SEC's request.

The SEC has likewise requested that the companies preserve all documentation related to the SolarWinds Hack, per a report by Mondaq.

This article is owned by Tech Times

Written by Isabella James

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.