Written by FRANK BAJAK
The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted spear-phishing assault on U.S. and foreign government agencies and think tanks this week using an email marketing account of the U.S. Agency for International Development, Microsoft said.
The effort targeted about 3,000 email accounts at more than 150 different organizations, at least a quarter of them involved in international development, humanitarian and human rights work, Microsoft Vice President Tom Burt said in a blog post late Thursday.
It did not say what portion of the attempts may have led to successful intrusions.
The cybersecurity firm Volexity, which also tracked the campaign but has less visibility into email systems than Microsoft, said in a post that relatively low detection rates of the phishing emails suggest the attacker was “likely having some success in breaching targets.”
Burt said the campaign appeared to be a continuation of multiple efforts by the Russian hackers to “target government agencies involved in foreign policy as part of intelligence gathering efforts.” He said the targets spanned at least 24 countries.
The hackers gained access to USAID’s account at Constant Contact, an email marketing service, Microsoft said. The authentic-looking phishing emails dated May 25 purport to contain new information on 2020 election fraud claims and include a link to malware that allows the hackers to “achieve persistent access to compromised machines.”
Microsoft said in a separate blog post that the campaign is ongoing and evolved out of several waves of spear-phishing campaigns it first detected in January that escalated to the mass-mailings of this week.
While the SolarWinds campaign, which infiltrated dozens of private sector companies and think tanks as well as at least nine U.S. government agencies, was supremely stealthy and went on for most of 2020 before being detected in December by the cybersecurity firm FireEye, this campaign is what cybersecurity researchers call noisy. Easy to detect.
Microsoft noted the two mass distribution methods used: the SolarWinds hack exploited the supply chain of a trusted technology provider’s software updates; this campaign piggybacked on a mass email provider.
With both methods, the company said, the hackers undermine trust in the technology ecosystem.