Nobelium, as the hacking group is known, has “been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain” according to Tom Burt, corporate vice president of customer security and trust at Microsoft.
The Russian-linked hacking group that’s been blamed for an attack on the U.S. government and a significant number of private U.S. companies last year is targeting key players in the global technology supply chain, according to cybersecurity experts at Microsoft.
The hackers have been using phishing emails and a technique known as password spray, which involves trying commonly used passwords such as Password1 or 1234 against multiple accounts before moving on to try a second password.
