A hacking group believed to be operating out of Russia breached Denmark’s central bank (Danmarks Nationalbank) and planted a backdoor that gave them stealthy access to the network for seven months. The intrusion was part of the SolarWinds cyber-espionage campaign that hit hundreds of organizations last year. The US authorities attributed this campaign to an APT group known as APT29, The Dukes, Cozy Bear, or Nobelium.
The Denmark’s central bank breach was first reported by IT media Version2, citing documents obtained under a freedom of information request, such as SolarWinds emails. According to the news outlet, in Danmarks Nationalbank's case, Solarwinds' backdoor was open for more than half a year before the attack was discovered by the American security company Fire Eye.
In an email statement sent to Version2 the Denmark’s central bank confirmed that it was affected by the SolarWinds attacks and said it took actions immediately after learning about the intrusion. The bank said it found no evidence that the attack “had any real consequences.”
Last week, Microsoft said it detected a new wave of attacks conducted by the Nobellium hacking group. The tech giant said its investigation showed that hackers used password spray and brute-force techniques to compromise victims. While Nobelium’s recent activity was largely unsuccessful, the hackers managed to breach networks of three new entities. The attacks targeted mostly IT companies (57%), followed by government (20%), and non-governmental organizations and think tanks, as well as financial services.
