US government takes control of Internet domains used by SolarWinds hackers
IntelNews.org (est. 1988) offers daily commentary on intelligence and espionage developments from around the world. It is edited by intelligence experts Dr. Joseph Fitsanakis and Ian Allen.
THE UNITED STATES GOVERNMENT has taken control of two Internet domains used last month in a large-scale phishing campaign by the same Russian-linked hacker group that was behind SolarWinds. The Department of Justice said on Tuesday it seized the two domains, theyardservice[.]com and worldhomeoutlet[.]com, on May 28, following a decision by a US court that authorized the action.
The large-scale attack was detected on May 25, and was delivered in over 3,000 emails sent from a compromised account belonging to the United States Agency for International Development (USAID). The compromised account was paired with the services of a legitimate email marketing company called Constant Contact. It was subsequently used to deliver phishing emails to the employees of over 150 organizations worldwide, most of them American.
The phishing emails featured an official USAID logo, beneath which was an embedded link to a purported “USAID Special Alert” titled “Donald Trump has published new documents on election fraud”. The link sent users to one of the two illicit subdomains, which infected victim machines with malware. The latter created a back door into infected computers, which allowed the hackers to maintain a constant presence in the compromised systems.
According to Microsoft Corporation, the hackers behind the phishing attack originated from the same group that orchestrated the infamous SolarWinds hack in 2020. The term refers to a large-scale breach of computer systems belonging to the United States federal government and to organizations such as the European Union and the North Atlantic Treaty Organization. The threat actor behind the attack is referred to by cybersecurity experts as APT29 or Nobelium, among other names.
Speaking on behalf of the US Department of Justice’s National Security Division, Assistant Attorney General John C. Demers said on Tuesday that the seizure of the two Internet domains demonstrated the Department’s “commitment to proactively disrupt hacking activity prior to the conclusion of a criminal investigation”.
► Author: Joseph Fitsanakis | Date: 03 June 2021 | Permalink
Source: http://intelnews.org/2021/06/03/01-3014/
Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.
"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
Please Help Support BeforeitsNews by trying our Natural Health Products below!
Order by Phone at 888-809-8385 or online at https://mitocopper.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomic.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomics.com M - F 9am to 5pm EST
Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!
HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation.
Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.
MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)
Oxy Powder - Natural Colon Cleanser! Cleans out toxic buildup with oxygen!
Nascent Iodine - Promotes detoxification, mental focus and thyroid health.
Smart Meter Cover - Reduces Smart Meter radiation by 96%! (See Video).