The spear-phishing attempt appears to be part of "Pawn Storm," a massive attack that's been underway across the net for more than a month and that involved a rare zero-day (previously unknown) Java exploit.
The attackers, APT28, a group with longstanding suspected Russian government ties, used URLs at the domain "electronicfrontierfoundation.org" in their phishing emails (the Electronic Frontier Foundation can be found at eff.org). Pawn Storm has many targets, including the White House and NATO.
Oracle has patched the Java zero-day. Pawn Storm continues. To get good, practical advice on protecting yourself from this sort of cyber-attack, read EFF's Surveillance Self-Defense Kit.
Because this attack used the same path names, Java payloads, and Java exploit that have been used in other attacks associated with Pawn Storm, we can conclude that this attack is almost certainly being carried out by the same group responsible for the rest of the Pawn Storm attacks. Other security researchers have linked the Pawn Storm campaign with the original Sednit and Sofacy targeted malware campaigns–also known as “APT 28”–citing the fact that they use the same custom malware and have similar targets. In a 2014 paper the security company FireEye linked the “APT 28” group behind Sednit/Sofacy with the Russian Government (PDF) based on technical evidence, technical sophistication, and targets chosen. Drawing from these conclusions, it seems likely that the organization behind the fake-EFF phishing attack also has ties to the Russian government. Past attacks have targeted Russian dissidents and journalists, U.S. Defense Contractors, NATO forces, and White House staff. We do not know who the targets were for this particular attack, but it does not appear that it was EFF staff.
New Spear Phishing Campaign Pretends to be EFF [Cooper Quintin/EFF]