The Russian-backed hacking group APT29, also known as Nobelium, compromised the Constant Contact account for USAID. Microsoft provides details on four new malware families used by Nobelium in recent attacks. The four new families include an HTML attachment named ‘EnvyScout’, a downloader known as ‘BoomBox’, and a shellcode downloader and launcher named ‘VaporRage’. The same hacking group is believed to be behind the SolarWinds attack and behind Cobalt Strike beacons.
Source: https://www.bleepingcomputer.com/news/security/microsoft-russian-hackers-used-4-new-malware-in-usaid-phishing/

