Electronic Frontier Foundation Targeted by Cyber Espionage Campaign

by NewsEditor_ on September 2nd, 2015 in Industry and Security News.

The Electronic Frontier Foundation, (https://www.eff.org/) a non-profit organization which defends online civil liberties, was targeted by a sophisticated phishing campaign by cyber criminals linked to Russian-based espionage. The threat was initially identified by Google’s security staff, as the criminals created a fake website that appeared to belong to the digital rights organization. Targets of the attack were contacted through emails which were made to look like legitimate messages from Electronic Frontier Foundation staff and directed them to the fake website.

Phishing attacks refer to the practice of baiting unsuspecting users with emails, instant messages or websites that appear legitimate. When a user clicked the link in the spoofed email, they were directed to the fake EFF website and infected with a computer virus using a recent Java vulnerability. The compromise allowed the attackers to install additional viruses on the targets’ machines tailored to specific users, potentially adapting the attack to Mac or Linux users in addition to Windows machines. 

The Electronic Frontier Foundation attributes the attack to Operation Pawn Storm: “Because this attack used the same path names, Java payloads, and Java exploit that have been used in other attacks associated with Pawn Storm, we can conclude that this attack is almost certainly being carried out by the same group responsible for the rest of the Pawn Storm attacks.” Operation Pawn Storm is a cyber-espionage operation which targets military agencies, embassies, and defense contractors as well as journalists and dissidents of the Russian government. Trend Micro reports that the campaign often targets specific users: “In one example, a spear phishing email was sent to only 3 employees of the legal department of a billion-dollar multinational firm. The e-mail addresses of the recipients are not advertised anywhere online.” In a 2014 paper the online security company FireEye linked these attacks with the Russian government based on technical evidence and the choice of targets. 

No votes yet

Facebook Comments Box


Our best antivirus yet!

Fresh new look. Faster scanning. Better protection.

Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

Download adaware antivirus 12
No thanks, continue to lavasoft.com
close x

Discover the new adaware antivirus 12

Our best antivirus yet

Download Now