Microsoft claims that some of its customer support tools were accessed by the Nobelium hacking group, which was also connected to the SolarWinds attacks, due to the compromise of a Microsoft customer service agent’s computer. Microsoft said Reuters that the agent had limited access and could see things like the services used by customers and their billing details. According to Microsoft, the hackers used the information gleaned from the tools to launch “highly targeted” attacks against specific Microsoft customers.
The attacks, according to Microsoft, were part of a larger Nobelium campaign focused largely on IT companies and governments around the world. The company says it contacted customers who were impacted by the hacking group’s use of the tools and Nobelium no longer has access to the customer support agent’s device.
Microsoft has been talking a lot about security today, especially when it comes to its upcoming Windows 11, as the company tries to advocate for requiring users to have specific hardware to perform the upgrade. . Incidents like these, where a compromised computer could give hackers a leg up on future attacks, exemplify the cat-and-mouse game Microsoft is playing with those seeking to breach its security.