• Home
  • Domains
  • Internet & Tech
  • Security & Privacy
  • Google & Search
  • Editorial Praise
  • Contact

Strategic Revenue - Domain and Internet News

Internet news authored by John Colascione

Register Domain Names

  • Isn’t Print Dead?
  • Killer Acquisition
  • New gTLD Death
  • Online Censorship
  • Gullible Domainers
  • You’re A Loser
You are here: Home / Domain Names / Amazon Seizes Domains Used by Russian Hackers Targeting Windows Users

Amazon Seizes Domains Used by Russian Hackers Targeting Windows Users

October 31, 2024 By John Colascione Leave a Comment

*** Here Is A List Of Some Of The Best Domain Name Resources Available ***

Register Domain Names

Amazon Seizes Domains Used by Russian Hackers Targeting Windows Users
The reason Amazon stepped-in is that the attacks were done while impersonating the company’s cloud arm, known as Amazon Web Services (AWS); recipients of the phishing emails noted they were written in Ukrainian, reports say.

SEATTLE, WA – Online shopping retail giant Amazon this week seized multiple internet domains that have been utilized by Russian hackers to launch phishing attacks that targeted users of Microsoft’s Windows operating system.

Chief Information Security Officer at Amazon, CJ Moses, announced in a blog post that Midnight Blizzard, otherwise known as APT29 – a threat actor directly sponsored by the Russian government – had been targeting government agencies, empires, and military organizations with large scale phishing attacks.

The reason Amazon stepped-in is that the attacks launched by Midnight Blizzard were done while impersonating the company’s cloud arm, known as Amazon Web Services (AWS); recipients of the phishing emails noted they were written in Ukrainian, reports say.

However, it was revealed that the goal of the Midnight Blizzard campaign was to steal Windows credentials to use through Windows Remote Desktop, as opposed to targeting AWS or stealing AWS credentials from the service’s users.

🚨 Russian state hackers from #CozyBear (#MidnightBlizzard) group are targeting over 100 organizations globally with a new phishing campaign using signed RDP files disguised as legitimate docs.#CyberSecurity #CyberAttack #Phishing #Russia

Read: https://t.co/Jr83I3ZdVp

— Hackread.com (@HackRead) October 30, 2024

Moses noted that, in addition to Amazon taking action, CERT-UA – the Computer Emergency Response Team of Ukraine, part of the country’s State Center for Cyber Defense – released a comprehensive update on their usual procedures to help victims tell legitimate communications from cyberattacks carried out by third-parties.

Upon learning of this activity, we immediately initiated the process of seizing the domains APT29 was abusing which impersonated AWS in order to interrupt the operation,” Moses said. “CERT-UA has issued an advisory with additional details on their work.”

We can also use a regular expression to search for *.rdp files in the temporary folders that Outlook uses to detect traces of #MidnightBlizzard / #Nobelium activity 🔍

A short form would be:
\Content.Outlook\[A-Z0-9]{8}\[^\]{1,255}.rdp$

Or as string contains combo:… https://t.co/MqsXOeE8EX pic.twitter.com/IXBHLS6VBp

— Florian Roth (@cyb3rops) October 31, 2024

Midnight Blizzard previously gained a measure of infamy following their attack upon Microsoft earlier in 2024 – with the threat actor gaining access to both corporate email accounts in the company’s cybersecurity and legal departments, as well as those of outside organizations – leading to the tech giant implementing completely new and stringent security policies going forward.

John Colascione 2024
John Colascione

About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a ‘how to’ book called ”Mastering Your Website‘, and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®

Filed Under: Domain Names, Security Issues Tagged With: 2024, Abusing, Access, Actor, Advisory, Agencies, Amazon, Apt29, Attacks, AWS, Blizzard, Campaign, Center, Cert-UA, Cj Moses, Cloud, Communications, Company, Comprehensive, Computer, Corporate, Country, Credentials, Cyber, Cyberattacks, Cybersecurity, Defense, Domains, Email Accounts, Emails, Emergency, Empires, Giant, Goal, Government, Hackers, Help, Impersonated, Impersonating, Implementing, Information, Internet, Interrupt, Large Scale, Launch, launched, Legal, Legitimate, Microsoft, Midnight, Midnight Blizzard, Military, Officer, Online, Operating System, Operation, Order, Organizations, Phishing, Policies, procedures, recipients, Released, Remote Desktop, Reports, Response, Retail, Revealed, Russian, Security, Seized, Seizing, Service, Shopping, State, Steal, Stealing, Targeted, Targeting, Team, Tech, Third Party, Threat, Ukraine, Ukrainian, Update, Users, Utilized, Victims, Web Services, Windows

*** Here Is A List Of Some Of The Best Domain Name Resources Available ***

Register Domain Names

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search This Site

by: John Colascione

John Colascione

Best Site for Things to Do While Visiting Florida
John Colascione is Chief Executive of Internet Marketing Services Inc. He specializes in Website Monetization, authored a book called Mastering Your Website, and is a key player in several Internet businesses through his brand SEARCHEN®

#Indiana.com

GEO domain name

Follow Me

John Colascione Twitter

USED CARS ENTERPRISE

auto buyers market
Auto Buyers Market – Shop Used Cars by Participating Dealers at autobuyersmarket.com

In The News

  • DNJournal: New Book From Veteran Domainer
  • From Brandable to Exact-Match Geo Domain
  • InnovateLI: Two Deals, One Very Interesting Digital
  • Internet Commerce Association: John Colascione
  • NamesCon: Featured Attendee: John Colascione
  • Long Island Media Inc, SmartCEO, Future 50
  • Speakers, Name Summit, John Colascione
  • Speakers, Real Estate Summit, John Colascione
  • 24 Leading Domain Experts Analyze 2017

Popular Stories

New gTLD? Not So Fast; History Suggests New ‘Right of the Dots’ Could = Total Failure

Could Domain Investing Industry End with Legal Provision for Domain “Hoarding”

Did DuckDuckGo Just Acquire Premium Domain “Duck.com” from Google?

Websites and Domain Names to Become Insignificant within 20 Years or Less

Does the Domain Industry Suffer From Own Versions of Trumpted “Fake News” Stories?

Quotes to Follow

quote icon The domain name is equivalent to Gold. It is the only packaged item which is globally tax-free, portable, with value that is universal across different cultures. quote icon – Frank Schilling

quote icon Domains have and will continue to go up in value faster than any other commodity ever known to man. quote icon – Rick Schwartz

quote icon  Google knows you, your friends, your likes, what entertains you, where you are in the world at any given time. Google will soon predict your next action, your next thought, based on a collaboration of thoughts past. quote icon – John Colascione

Like These Headlines?

Enter your email address:

Delivered by FeedBurner

T.L.D. Brokerage

Domain Brokers

Books on Domain Names

  • Books on Domain Names
  • Best Biz Cash Back Credit Card (5%)

The Evolving Landscape of Search, SEO, AI and the Role of Domains

WEST PALM BEACH, FL - I’ve been in this industry for nearly 25 years. When I first started, most people hadn’t even heard of Google. Today, Google is the single most influential factor in whether a … [Read More...]

Google’s Search Market Share Dips Below 90% for First Time in Decade

MOUNTAIN VIEW, CA - Google's global search engine market share fell below 90% in the final quarter of 2024, marking the first time since 2015 that it has dipped under this threshold. Regional … [Read More...]

Near Identical Domain Used To Scam Over $800,000 With Wire For Real Estate Deal

AUSTRALIA - A South Australian woman narrowly avoided a complete financial disaster after falling victim to a sophisticated business email compromise (BEC) scam that led to the loss of over $800,000. … [Read More...]

Domaining blog recommended by Domaining.com

Copyright © 2010-2025 StrategicRevenue.com - Property of Internet Marketing Services Inc.   FeedBurner: RSS
By using this site you agree to our Terms of Service and Privacy Policy. If you do not agree, please exit the service.