Source: United States Department of Justice Criminal Division
On May 28, 2021, pursuant to court orders issued in the Eastern District of Virginia, the United States seized two command-and-control (C2) and malware distribution domains used in recent spear-phishing activity that mimicked email communications from the U.S. Agency for International Development (USAID). This malicious activity was the subject of a May 27, 2021 Microsoft security alert, titled “New sophisticated email-based attack from Nobelium,” in which Microsoft attributed the activity to a nation-state group.