Boston: The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted spear-phishing assault on US and foreign government agencies and think tanks this week using an email marketing account of the US Agency for International Development, Microsoft said.
The effort targeted about 3,000 email accounts at more than 150 different organisations, at least a quarter of them involved in international development, humanitarian and human rights work, Microsoft Vice President Tom Burt said in a blog post late Thursday.
It did not say what portion of the attempts may have led to successful intrusions.
The cybersecurity firm Volexity, which also tracked the campaign but has less visibility into email systems than Microsoft, said in a post that relatively low detection rates of the phishing emails suggest the attacker was likely having some success in breaching targets.