U.S. Department of Justice takes control of two command-and-control (C2) and malware distribution domains used in a spear-phishing campaign. Microsoft, Secureworks, and Volexity shed light on new spear-phishing activity unleashed by the Russian hackers who breached SolarWinds IT management software. Microsoft attributed the ongoing intrusions to the Russian threat actor it tracks as Nobelium. The wide-scale campaign, detected on May 25, leveraged a compromised USAID account at a mass email marketing company called Constant Contact to send phishing emails to approximately 3,000 email accounts.
Source: https://thehackernews.com/2021/06/us-seizes-domains-used-by-solarwinds.html