US Justice Department seizes two Nobelium Domain Names

As of 02/06/2021

Nobelium, the cyber threat group that was responsible for the SolarWinds attacks last year, has made the headlines again. This time it has come up with a spear phishing campaign.

The group targeted approximately 3,000 accounts linked to 150 think tanks, government organisations and non-government organisations. All received an email that included a reply option to a compromised USAID.gov mail ID. People thought this message was from the US Agency for International Development.

Clicking on this email would direct the victim to download malware from TheYardService.com. The attackers then downloaded the Cobalt Strike tool onto the victim's device, which allowed them a constant presence. The tool was receiving communications from TheYardService.com and WorldHomeOutlet.com. These are the domain names that have been seized by the US Department of Justice.

Nobelium is a Russian hacker group that primarily targets think tanks, government and non-government organisations, humanitarian groups and the military. The recent attack came into public view after Microsoft posted a blog about it.

