Latest APT 28 Campaign Incorporates Fake EFF Spearphishing Scam

August 30, 2015

Via: malware

Attackers, possibly associated with the Russian government, registered a phony Electronic Frontier Foundation domain earlier this month in an attempt to dupe users into thinking correspondence from the site was coming from the well-known privacy watchdog.

The scheme, largely carried out via spear phishing, appears to be part of a larger campaign previously dubbed Pawn Storm.

According to a blog post by the EFF’s Cooper Quintin on Thursday the fake domain – – was registered more than three weeks ago and quickly used as part of an attack alongside a recently patched Java zero day.

Read More