EFF staff targeted in state-sponsored espionage campaign
Posted on 20.01.2014
For the first time since the organisation's inception, Electronic Frontier Foundation's staffers have been hit with a targeted malware attack by what appear to be state-aligned actors.

The international digital rights group believes that the attack was mounted by hackers employed by the Vietnamese government, which has a well-documented tendency to target political dissenters, journalists and bloggers with spying and DDoS malware.

The email EFF staffers have received has supposedly been sent by one Andrew Oxfam, and ostensibly contains an invitation to join a conference in Asia. The email also includes two links that, at first glance, lead to Oxfam's official site, and two HTML application (.hta) files.

"This targeting is especially interesting because it demonstrates some understanding of what motivates activists. Just as journalists are tempted to open documents promising tales of scandal, and Syrian opposition supporters are tempted to open documents pertaining to abuses by the Assad regime, human rights activists are interested in invitations to conferences," noted EFF's Eva Galperin and Morgan Marquis-Boire.

Both links lead to malware hosted on Google Drive, and both attachments are also malicious - the files in question are made to exploit vulnerabilities in the targets' software and download a persistent backdoor Trojan. And the bad news is that only one AV solution ised by Virus Total detects this files as potentially malicious.

It's interesting to note that the same malicious file has also been sent to an Associated Press reporter via a different targeted email, and earlier this year to a Vietnamese pro-democracy blogger living in California (her computer ended up being compromised).

The malware "phones" back to a C&C server previously associated with Vietnamese-affiliated malware.

"The group behind these attacks appears to have been operating since late 2009, and has been very active in the targeting of Vietnamese dissidents, people writing on Vietnam, and the Vietnamese diaspora," the EFF noted.









Spotlight

Infographic: 25 years of the firewall

Posted on 24 July 2014.  |  The firewall turned 25, and McAfee is celebrating with an infographic that creatively depicts its lifetime. If you take a moment to scan the infographic, you’ll notice the firewall's introduction and evolution coincide with certain security events.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Jul 25th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //