Attackers, possibly associated with the Russian government, registered a phony Electronic Frontier Foundation domain earlier this month in an attempt to dupe users into thinking correspondence from the site was coming from the well-known privacy watchdog.
The scheme, largely carried out via spear phishing, appears to be part of a larger campaign previously dubbed Pawn Storm.
According to a blog post by the EFF’s Cooper Quintin on Thursday the fake domain – electronicfrontierfoundation.org – was registered more than three weeks ago and quickly used as part of an attack alongside a recently patched Java zero day.
Leave a reply
