- Spotify will soon let you block R. Kelly Monday 6:01 PM
- New Click to Pray app lets you pray with Pope Francis Monday 5:30 PM
- Social media influencer known for hiking in bikinis dead at 36 Monday 4:54 PM
- Trump posts altered pics on social media to make fingers look longer, report Monday 3:20 PM
- Twitch user banned after telling woman to ‘kill yourself’ during stream Monday 3:06 PM
- Facebook introduces ‘Community Actions’ tool to petition the government Monday 2:04 PM
- Sarah Sanders, NRA deliver truly misguided MLK tributes today Monday 12:58 PM
- MAGA teen who confronted Native elder says he ‘respects all races’ Monday 12:57 PM
- Popular YouTube channel in danger of disappearing because of copyright claims Monday 12:24 PM
- The Krassensteins’ Reddit AMA gets trolled off the internet Monday 12:08 PM
- No, Trump didn’t break open the Pizzagate scandal in 2011 Monday 11:23 AM
- Producer of anti-abortion film says Facebook refuses to run his ads Monday 10:58 AM
- Ja Rule thinks he was also a victim of Fyre Fest Monday 10:21 AM
- YouTube beef between RiceGum and H3H3 gets ugly—and personal Monday 10:02 AM
- ‘Fox & Friends’ accidentally airs obituary graphic for Ruth Bader Ginsburg Monday 9:40 AM
Bogus Electronic Frontier Foundation site targets users with malware
A spear phishing campaign used the name of the Electronic Frontier Foundation to exploit victims’ trust.
The website used the domain electronicfrontierfoundation.org (EFF’s true domain is eff.org) and was set up earlier this month.
Spear phishing attacks work by taking advantage of a person’s trust in a familiar website. An attacker might send a link to a victim that appears trustworthy—for instance, if a victim is familiar with EFF, they might see an electronicfrontierfoundation.org link and not hesitate to click it. However, once a victim clicks the link, malware is installed onto his or her computer, which can then be used by an attacker to exploit it.
In this case, EFF suspects that the malware is Sednit, which could be used to install a keylogger—which tracks everything the victim types—or other software.
“It appears to have been used in a spear phishing attack, though it is unclear who the intended targets were,” EFF staff technologist Cooper Quintin wrote in a blog post.
Quintin said the attack is “relatively sophisticated” and uses a Java exploit to install its malware. He also noted that the malware is similar to that used in a larger spear phishing campaign known as Pawn Storm, which is thought to be associated with the Russian government.
EFF says it was alerted to the site’s existence by Google‘s security team. EFF reported the domain and says Oracle has patched the Java bug that allowed the malware to be installed.
“Of course this is an excellent reminder for everyone to be vigilant against phishing attacks,” Quintin wrote. “Our SSD guide contains advice on how to improve your security, watch for malicious emails, and avoid phishing attacks such as this one.”
H/T Hackread | Illustration by Max Fleishman
Kate Conger is a politics and cybersecurity journalist who currently writes for Gizmodo. Her work has previously appeared in BuzzFeed, Digital Trends, Real Clear Politics, San Francisco Examiner, and elsewhere. Together with Dell Cameron, she won the Society of Professional Journalists' award for Best Scoop in 2017 for a report on the leak of data about 200 million American voters.