VMware-Related Domains

Published on:

March 11, 2024

Potential phishing on reregistering old, inactive vmware-related domains

Using some monitors, @neurovagrant observed an actor creating or reregistering old, inactive vmware-related domains and spinning them up for likely phishing purposes.

vmware-shop[.]store
Registrar: Gname
Host: Alibaba
First seen: 2023-03-11 (today)
Screenshot of landing page below taken today, appears to be directly impersonating vmware/Broadcom, probably phishing for creds.

vmwareshop[.]com also reregistered today, Gname registration and NS but no hosting yet.

Related Content

SecuritySnacks

SecuritySnack - CloudFlare Anti-Security For Phishing

A Microsoft 365 credential harvesting campaign is exploiting CloudFlare's anti-bot and human verification features to evade detection. Learn how attackers use IP blocklists, user-agent filtering, and obfuscated scripts to bypass security scanners—and what it means for the industry.

Learn More

SecuritySnacks

Cybersecurity Reading List - Week of 2026-03-02

A broken snowblower belt taught me something cybersecurity professionals often forget — saying "I don't know" isn't failure. It's where the real work begins.

Learn More

SecuritySnacks

SecuritySnack - Idolized Crypto Scams

An analysis of an active cryptocurrency scam operation impersonating Trump, Musk, and Truth Social across 250+ domains — uncovering shared wallet infrastructure, on-chain laundering pipelines, and the tactics used to fake legitimacy.

Learn More

VMware-Related Domains

Potential phishing on reregistering old, inactive vmware-related domains

Heading