According to researchers, the same infrastructure linked to the Russian-speaking threat organisation Nobelium is being used to build up misspelt domain names, indicating the possibility of impersonation attacks aimed at credential harvesting.
The attackers are leveraging infrastructure identical to that used by Nobelium to put up their command-and-control (C2) servers, according to Recorded Future’s newest research. Read More…