Amazon broke up a phishing operation that impersonated thousands of Amazon Web Service (AWS) domains. The AWS security team, along with the Ukrainian CERT-UA blamed the Russian-backed APT 29 group for an attack which used spoofed AWS domains in an attempt to harvest login credentials from Ukrainian-speaking targets.

Source: SC Magazine