Over 150 organizations have been targeted by the same hacking collective that is allegedly responsible for the SolarWinds incident in December, Microsoft has announced.

According to the software company, the hacks aim at crippling agencies involved in information gathering for foreign policy reasons.

“This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations. While organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries. At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work. Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020,” Microsoft said in a statement issued on Thursday.

Nobelium has allegedly used USAID’s account for email marketing service Constant Contact to launch the new wave of attacks this week. The hackers are said to have used it to send out phishing emails, distributing a backdoor known as NativeZone, which allows, among other things, to steal data and infect other computers connected to the same network.

The United States has been accusing Kremlin of being involved in the SolarWinds hack, while Moscow has denied any role in the incident. Earlier in the month, Russian Foreign Intelligence Service Director Sergey Naryshkin expressed the belief that US spy agencies could be behind the hacking attack.