- Netflix series ‘Followers’ is a visual treat—but lacks a clear narrative Today 6:00 AM
- Influencer got trapped under ice for TikTok clout, ‘came close to dying’ Thursday 7:59 PM
- #BernieBruh puts new spin on ‘Bernie Bro’ label, showcases support among Black voters Thursday 6:58 PM
- Camila María Concepcíon, trans activist and Netflix writer, dies at 28 Thursday 5:46 PM
- Chrissy Teigen calls out fan who made weird comment about her daughter’s feet Thursday 4:57 PM
- TikTok’s ‘clean queen’ says videos are helping her figure out ‘adulting’ Thursday 4:12 PM
- Clearview clients include ICE, Macy’s, Best Buy, leaked data reveals Thursday 4:08 PM
- Women are clamoring to get their photos on a Twitter feed of ‘hot mugshots’ Thursday 4:06 PM
- ‘Love Is Blind’ finale: Somehow, real love emerged from this dystopian setting Thursday 3:57 PM
- Creator of ‘Say So’ TikTok dance appears in Doja Cat music video Thursday 3:51 PM
- Is TikTok’s algorithm actually pretty racist? Thursday 3:45 PM
- Fans freaking out over ‘Say My Name’ horror remix featured in Jordan Peele’s ‘Candyman’ Thursday 3:33 PM
- CDC graphic warns most facial hair isn’t compatible with coronavirus protection measures Thursday 1:31 PM
- Tutoring website refuses to take down ad sexualizing Asian women Thursday 1:24 PM
- MSNBC pundit loses air time after saying Sanders staffers are ‘island of misfit Black girls’ Thursday 12:36 PM
Bogus Electronic Frontier Foundation site targets users with malware
A spear phishing campaign used the name of the Electronic Frontier Foundation to exploit victims’ trust.
The website used the domain electronicfrontierfoundation.org (EFF’s true domain is eff.org) and was set up earlier this month.
Spear phishing attacks work by taking advantage of a person’s trust in a familiar website. An attacker might send a link to a victim that appears trustworthy—for instance, if a victim is familiar with EFF, they might see an electronicfrontierfoundation.org link and not hesitate to click it. However, once a victim clicks the link, malware is installed onto his or her computer, which can then be used by an attacker to exploit it.
In this case, EFF suspects that the malware is Sednit, which could be used to install a keylogger—which tracks everything the victim types—or other software.
“It appears to have been used in a spear phishing attack, though it is unclear who the intended targets were,” EFF staff technologist Cooper Quintin wrote in a blog post.
Quintin said the attack is “relatively sophisticated” and uses a Java exploit to install its malware. He also noted that the malware is similar to that used in a larger spear phishing campaign known as Pawn Storm, which is thought to be associated with the Russian government.
EFF says it was alerted to the site’s existence by Google‘s security team. EFF reported the domain and says Oracle has patched the Java bug that allowed the malware to be installed.
“Of course this is an excellent reminder for everyone to be vigilant against phishing attacks,” Quintin wrote. “Our SSD guide contains advice on how to improve your security, watch for malicious emails, and avoid phishing attacks such as this one.”
H/T Hackread | Illustration by Max Fleishman
Kate Conger is a politics and cybersecurity journalist who currently writes for Gizmodo. Her work has previously appeared in BuzzFeed, Digital Trends, Real Clear Politics, San Francisco Examiner, and elsewhere. Together with Dell Cameron, she won the Society of Professional Journalists' award for Best Scoop in 2017 for a report on the leak of data about 200 million American voters.