The spear-phishing attempt appears to be part of "Pawn Storm," a massive attack that's been underway across the net for more than a month and has involved a rare zero-day (previously unknown) Java exploit.
The attackers, APT28, a group with longstanding suspected Russian government ties, used URLs at the domain "electronicfrontierfoundation.org" in their phishing emails (the Electronic Frontier Foundation can be found at eff.org). Pawn Storm has many targets, including the White House and NATO.
Oracle has patched the Java zero-day. Pawn Storm continues. To get good, practical advice on protecting yourself from this sort of cyber-attack, read EFF's Surveillance Self-Defense Kit.
Because this attack used the same path names, Java payloads, and Java exploit that have been used in other attacks associated with Pawn Storm, we can conclude that this attack is almost certainly being carried out by the same group responsible for the rest of the Pawn Storm attacks. Other security researchers have linked the Pawn Storm campaign with the original Sednit and Sofacy targeted malware campaigns–also known as “APT 28”–citing the fact that they use the same custom malware and have similar targets. In a 2014 paper the security company FireEye linked the “APT 28” group behind Sednit/Sofacy with the Russian Government (PDF) based on technical evidence, technical sophistication, and targets chosen. Drawing from these conclusions, it seems likely that the organization behind the fake-EFF phishing attack also has ties to the Russian government. Past attacks have targeted Russian dissidents and journalists, U.S. Defense Contractors, NATO forces, and White House staff. We do not know who the targets were for this particular attack, but it does not appear that it was EFF staff.
New Spear Phishing Campaign Pretends to be EFF [Cooper Quintin/EFF]
(Icon: Pawn logo, The Pawn Language Logo)