Illustration: Aïda Amer/Axios
The same Russia-based "threat actor" responsible for last winter's Solarwinds attack is at it again, according to a Microsoft report posted late Thursday — this time, targeting human rights and international aid groups.
By the numbers: The attackers, whom Microsoft refers to as Nobelium, targeted roughly 3000 email accounts at 150 organizations in 24 countries, including "government agencies, think tanks, consultants, and non-governmental organizations." The largest share of attacks hit U.S. organizations.
"These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts," a post by Tom Burt, Microsoft's corporate vice president, customer security and trust, said.
How it worked: Nobelium broke into an email marketing account used by USAID and from there launched phishing attacks on many other organizations, according to Microsoft.
The big picture: "This is yet another example of how cyberattacks have become the tool of choice for a growing number of nation-states to accomplish a wide variety of political objectives," Microsoft's post said.