Microsoft just released new information on a widespread malicious email campaign by Nobelium, the same hackers behind the massive SolarWinds incident.
This active campaign has already targeted 3,000 email accounts across 150 organizations. Microsoft reports the emails are crafted to look like they are from the United States Agency for International Development (USAID), including some that read “special alert” and “Donald Trump has published new documents on election fraud.”
The links go to Nobelium infrastructure and deliver a malicious file that gives the hackers “persistent access to compromised machines.” Microsoft published a sample email screenshot from the malicious campaign.
If you receive an email similar to this, or one purportedly from USAID, please forward it to your IT department and do NOT click on any links in the email.
When you purchase one of our cyber insurance policies, you’ll receive vital cybersecurity updates such as this and online training courses to keep your employees up to date on current cyber threats.