Cybersecurity, Privacy, & AI

Trending Now

Daybreak Is OpenAI’s Answer to the AI Arms Race in Cybersecurity • Cyber Operations Aren’t Slow — Our Thinking Is • ‘No Time to Waste’ in Prepping Governments for AI Cyber Threats, Top Dem Lawmaker Says • ‘Insatiable Appetite’ for AI: Maven Usage Surged for Strikes on Iran, Pentagon AI Chief Says • Navigating Automation, Robotics, AI, and Data in a QMSR-Driven Manufacturing World

Published on June 2, 2021 • Cyber

DOJ Takes Down Domains Used in USAID Hack

Mark Van Scyoc | Shutterstock

The Department of Justice has seized two command-and-control (C2) and malware distribution domains used in recent spear-phishing activity that mimicked email from the U.S. Agency for International Development. The action was intended to disrupt any additional exploitation of victims and to help identify anyone compromised by the attack. However, DOJ indicated the hackers could have deployed additional accesses to victims’ before their domains were seized.

The attack commenced on or about May 25, when hackers launched a wide-scale spear-phishing campaign via a compromised USAID account at a mass market email marketing company. Specifically, the compromised account was used to send thousands of emails, purporting to be from USAID email accounts and containing a “special alert,” while lured users to a malicious site where malware was downloaded onto the victims’ computers.

Sources:

Department of Justice: Justice Department Announces Court-Authorized Seizure of Domain Names Used in Furtherance of Spear-Phishing Campaign Posing as U.S. Agency for International Development
NextGov: Justice Took Down Two Domains Used in USAID Hack
Gov Info Security: DOJ Seizes 2 Domains Linked to USAID Phishing Campaign

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.