The Streetjournal Magazine is an online investigative media house that specializes in systematic, serious crimes, political corruption or corporate wrongdoing.
The Russian hacking group behind the supply chain attack that poisoned software updates for the SolarWinds Orion platform has been perfecting its email-based attacks over the past few months to plant backdoors inside organizations. These efforts recently escalated with an attack that was launched from a hijacked email marketing account belonging to USAID and targeted around 3,000 people across over 150 organizations in 24 countries.
The hacking group, known in the security industry as APT29, Cozy Bear, The Dukes and Nobelium, has been tied to the Russian Foreign Intelligence Service (SVR) by the US and UK governments. It has a long history of targeting governmental or government-tied organizations, sometimes using zero-day exploits to gain initial access. In this latest email campaign observed by Microsoft, around a quarter of Nobelium's targets were organizations involved in international development, humanitarian, and human rights work.