Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / News I have a News Tip

There are Reports of Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks, NGOs

"In the wake of the 2016 United States Presidential Election, not even six hours after Donald Trump became the nation's President-Elect, an advanced persistent threat (APT) group launched a series of coordinated and well-planned spear phishing campaigns," according to a report from the Washington, D.C.-based cyber incident response firm Volexity.

— Five different attack waves were detected with a heavy focus on U.S.-based think tanks and non-governmental organizations (NGOs). These e-mails came from a mix of attacker created Google Gmail accounts and what appears to be compromised e-mail accounts at Harvard's Faculty of Arts and Sciences (FAS).

— The emails were sent in large quantities to different individuals across many organizations and individuals focusing on national security, defense, international affairs, public policy, and European and Asian studies.

— Two of the attacks purported to be messages forwarded on from the Clinton Foundation giving insight and perhaps a postmortem analysis of the elections. Two of the other attacks purported to be eFax links or documents pertaining to the election's outcome being revised or rigged.

— The last attack claimed to be a link to a PDF download on "Why American Elections Are Flawed."

According to Volexity, a group it refers to as The Dukes (also known as APT29 or Cozy Bear) is responsible for post-election attack activity. "The Dukes continue to launch well-crafted and clever attack campaigns. They have had tremendous success evading anti-virus and anti-malware solutions at both the desktop and mail gateway levels."

Related topics: Cyberattack, Cybersecurity, Malware
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

The Mails from the real attack look the same as our Phishing Simulation Templates - LUCY Palo Stacho  –  Nov 11, 2016 1:18 PM PST

Thank you for your article! We don't know if it was the Dukes. But what we know is that the Phishing e-mails look the same as our own best practice DIY phishing simulation templates which we provide together with LUCY Server! Obviously the cyber criminals are using best practices too: Our customers and partners say that the eFax Attack is a scenario with a high penetration rate! See our article on http://www.lucysecurity.com/phishing-cozy-bear-post-election-simulation/

To post comments, please login or create an account.

Related

Topics

DNS Security

Sponsored byAfilias

Mobile Internet

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

IP Addressing

Sponsored byAvenue4 LLC

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.