The SolarWinds hackers have been blowing through US government departments again. Microsoft said the Nobelium group, identified by the White House last month as being part of the Russian Foreign Intelligence Service, used USAID’s mass email system, supplied by the Constant Contact email marketing service, to pose as the US international development agency.
It sent emails to more than 3,000 accounts at some 150 government agencies, think tanks, consultancies and non-governmental organisations, reports Hannah Murphy. Targets who opened the emails allowed the hackers to perform “a wide range of activities from stealing data to infecting other computers on a network”.
This was an intelligence-gathering effort, then, rather than a ransomware attack to seize up online operations and demand money for their restoration. Hannah has also been looking at the rise of “crypto laundries”, places where criminals taking ransomware payments in cryptocurrencies can turn them into hard cash.