VMware-Related Domains

Potential phishing on reregistering old, inactive vmware-related domains

Using some monitors, @neurovagrant observed an actor creating or reregistering old, inactive vmware-related domains and spinning them up for likely phishing purposes.

vmware-shop[.]store
Registrar: Gname
Host: Alibaba
First seen: 2023-03-11 (today)
Screenshot of landing page below taken today, appears to be directly impersonating vmware/Broadcom, probably phishing for creds.

vmwareshop[.]com also reregistered today, Gname registration and NS but no hosting yet.