(RoyalPatriot.com )- If you thought the Solar Winds hacking scandal was over now that the United States government knows who was behind it…think again. Microsoft, the company behind the universally popular Windows operating system, revealed recently that the hackers behind the attack went on to compromise three new victims by gaining access to one of its company’s customer support agents.
Hackers gained control of a portal used by a single customer agent, allowing them to gain access to information from a “small number of customers.”
It might not be a hack to the same level as last time, but this is still extremely serious and shows how even the world’s leading software companies can be easily compromised by well-organized Russian hackers.
Microsoft hasn’t identified the victims so far, but it’s likely that the names of the individuals or companies who have been hit by the attack will be released soon. And who knows…maybe we’ll find out they’ve paid out millions of dollars in Bitcoin to retrieve their data, just like the Colonial Pipeline did.
Microsoft did, however, announce who they believe was responsible for the attack – Nobelium. That’s the same group, which is believed to be sponsored by the Russian state, that used similar methods to hack as many as 18,000 customers of Solar Winds, the Texas-based software provider.
Microsoft said that governments, non-profits, think tanks, computer companies, and even financial services firms were impacted by the hack.
Customers using Microsoft products have been warned to be careful when handling information relating to billing, and has also urged users to consider changing passwords and usernames to bypass any possible intrusion or vulnerabilities that currently exist.
The last hacking campaign also took the form of phishing – a method whereby computer users are compromised by clicking links that are made to look like something else.
Microsoft confirmed that the latest hack wasn’t directly related to SolarWinds, but that it was discovered while the company was proving how the SolarWinds attack happened.
The lesson here is…if you receive an email that doesn’t seem to be right, don’t click the links within it!