Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Investigating similar domain attacks

Michael Carbone michael at accessnow.org
Thu May 9 09:10:10 PDT 2013


Hi Libtech,

I'm currently working on the follow-up to a general report that we at
Access released in 2012, “Global Civil Society At Risk: An Overview of Some
of the Major Cyber Threats Facing Civil Society” and I'm looking for
examples of 'similar domain' attacks -- attacks in which an adversary
creates a similar-looking website to the targeted website with the
intention of drawing readers from the original site. This fake domain may
display content altered to an opposing view or serve malware to
unsuspecting users. This can also include fake social media profiles of
CSOs and media orgs.

I have evidence from Iran, Vietnam, Belarus, and Thailand already and would
like to build a more complete picture of these attacks if the data supports
it.

If you are aware of such attacks, please let me know if you haven't
already. At minimum, I am looking for the url address of targeted domain
(e.g. targeted-cso.org) and the url address of fake domain (e.g.
fake-cso.net) and the type of attack (i.e. was it replicating or altering
content, serving malware, etc).

Feel free to contact me off-list, my PGP key is in my
signature. Contributions and data can be anonymous or attributed as
desired, and I'm open to feedback on the methodology as well as content.

Thanks,
Michael

--
Michael Carbone
Manager of Tech Policy & Programs
Access | https://www.accessnow.org
michael at accessnow.org | PGP: 0x81B7A13
PGP Fingerprint: 25EC 1D0F 2D44 C4F4 5BEF EF83 C471 AD94 81B7 A13E
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130509/b9cbefd1/attachment.html>


More information about the liberationtech mailing list