The
email appeared to come from a trusted colleague at a renowned academic
institution and referenced a subject that was a hot-button issue for the
recipient, including a link to a website where she could obtain more
information about it.
But
when the recipient looked closely at the sender’s email address, a
tell-tale misspelling gave the phishing attempt away — the email
purported to come from a professor at Harvard University, but instead of
harvard.edu, the email address read “hardward.edu”.
Not
exactly a professional con-job from nation-state hackers, but that’s
exactly who may have sent the email to an American woman, who believes
she was targeted by forces in Turkey connected to or sympathetic to the
powerful Gülen Movement, which has infiltrated parts of the Turkish
government.
The
email contained a link to a web site in Turkey, where a malicious
downloader file was waiting to install on her computer — a downloader
that has been connected in the past to a spy tool purportedly sold
exclusively to law enforcement and intelligence agencies around the
world.
The
woman, who asked to remain anonymous because she’s concerned about
retaliation, sensed the email was a fraud and did not follow the link.
Instead, the email was passed to researchers at digital forensics firm Arsenal Consulting, who set up a honeypot to visit the Turkish web site and obtained the downloader.
Περισσότερα Wired
infognomonpolitics@gmail.com
Δεν υπάρχουν σχόλια:
Δημοσίευση σχολίου