Last Updated on 06/12/2021 by Riya
The Russia-based Nobelium cybercriminals gang, who was responsible for last year’s SolarWinds cyberattack, has been attacking French firms since February 2021, according to the French national cyber-security bureau ANSSI.
Even though the Agence Nationale de la Sécurité des Systèmes d’Information has not identified how Nobelium gained access to email accounts linked to French organizations, it has indicated that the attackers exploited them to distribute hostile emails to international entities.
Faked emails generated from servers linked to foreign firms, suspected to be hacked by the same malicious attacker, were forwarded to French public organizations.
Nobelium’s infrastructure for the operations targeting French organizations was mostly composed of virtual private servers from several hosting services. According to a report presented,
“Interactions in the tactics, techniques, and processes (TTP) between the phishing attacks tracked by ANSSI and the SOLARWINDS distribution network threat in 2020 have been discovered.”