Hackers have set up a fake domain masquerading as an official site for the Electronic Frontier Foundation as part of a targeted malware campaign. According to the EFF itself, the site, electronicfrontierfoundation[dot]org, is designed to trick users into a false sense of trust, and it appears to have been used in a spear-phishing attack and is still serving malware. Further, the domain seems to be part of a larger campaign. The attack uses the same path names, Java payloads and Java exploit, that have been used in other attacks associated with Pawn Storm, which is being carried out by a group known as APT 28—which is believed to have ties to the Russian government.
