Search Mailing List Archives
[liberationtech] Investigating similar domain attacks
aminsabeti at gmail.com
Thu May 9 13:58:13 PDT 2013
There are lots of fake domains that the pro-government of Iran
has launched it. These are some examples:
- Original: BBCPersian.Com // Fake:PersianBBC.ir: They copy the theme
and publish fake news
- Original: kaleme.com // Fake: kalame.co: They copy the theme and
publish fake new
On 9 May 2013 17:10, Michael Carbone <michael at accessnow.org> wrote:
> Hi Libtech,
> I'm currently working on the follow-up to a general report that we at
> Access released in 2012, “Global Civil Society At Risk: An Overview of Some
> of the Major Cyber Threats Facing Civil Society” and I'm looking for
> examples of 'similar domain' attacks -- attacks in which an adversary
> creates a similar-looking website to the targeted website with the
> intention of drawing readers from the original site. This fake domain may
> display content altered to an opposing view or serve malware to
> unsuspecting users. This can also include fake social media profiles of
> CSOs and media orgs.
> I have evidence from Iran, Vietnam, Belarus, and Thailand already and
> would like to build a more complete picture of these attacks if the data
> supports it.
> If you are aware of such attacks, please let me know if you haven't
> already. At minimum, I am looking for the url address of targeted domain
> (e.g. targeted-cso.org) and the url address of fake domain (e.g.
> fake-cso.net) and the type of attack (i.e. was it replicating or altering
> content, serving malware, etc).
> Feel free to contact me off-list, my PGP key is in my
> signature. Contributions and data can be anonymous or attributed as
> desired, and I'm open to feedback on the methodology as well as content.
> Michael Carbone
> Manager of Tech Policy & Programs
> Access | https://www.accessnow.org
> michael at accessnow.org | PGP: 0x81B7A13
> PGP Fingerprint: 25EC 1D0F 2D44 C4F4 5BEF EF83 C471 AD94 81B7 A13E
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the liberationtech