The Department of Justice announced Tuesday that it has seized two domains that were used during a recent phishing campaign that targeted a marketing firm used by
The Russia-linked SolarWinds hackers (Nobelium) are launching new attacks on the U.S. in a campaign that abuses a mass mailing service and impersonates a government agency.
minute read
Share this article:
Microsoft uncovered the SolarWinds crooks using mass-mail service Constant Contact and posing as a U.S.-based development organization to deliver malicious URLs to more than 150 organizations.
The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities.
Microsoft Threat Intelligence Center (MSTIC) began tracking this latest campaign of Nobelium (previously known as Solarigate) in late January when it was in the reconnaissance stage, and observed as it “evolved over a series of waves demonstrating significant experimentation,” according to a blog post by the Microsoft 365 Defender Threat Intelligence Team.