CyberSecurityBoard
Sponsor Register Login

Threat Actors Mimic Electronic Frontier Foundation To Attack Gaming Community

Researchers at Hunt.io identified messages on the game’s forum directing players to phishing websites under the pretext of discussing security for in-game assets tied to their accounts. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Albion Online, a multiplayer online role-playing game with a player-driven economy, has become a lucrative target due to third-party markets where in-game assets are exchanged for real money. A key component of the attack is a Windows shortcut (LNK) file named “Report-Albion-Online.lnk” which executes PowerShell with an Execution Policy Bypass to run malicious scripts. This Python script contains two encoded portions that, when decoded, reveal connections to command and control servers at 104.245.240.19:443 and 212.87.222.84:443, identified as Stealc stealer and Pyramid C2 infrastructure respectively. With recent attack disclosures like Browser Syncjacking and extension infostealers, browser extensions have become a primary security concern at many organizations. Cybersecurity researchers have uncovered a sophisticated campaign targeting the Albion Online gaming community through impersonation of the Electronic Frontier Foundation (EFF). Tushar is a Cyber security content editor with a passion for creating captivating and informative content. The operation, discovered in early March 2025, leverages decoy documents designed to appear as official EFF communications while deploying malware in the background. The attackers employed an exposed open directory containing a mix of PDFs, ZIP archives, and PowerShell scripts, revealing their operational infrastructure. Upon execution, the PowerShell script retrieves malicious components and drops them into the victim’s system. This campaign shows that how threat actors combine legitimate organizations’ reputations with technical sophistication to target specific communities. Users are advised to verify the authenticity of communications and exercise caution with unsolicited messages, especially those requesting immediate action.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 06 Mar 2025 17:45:23 +0000


Cyber News related to Threat Actors Mimic Electronic Frontier Foundation To Attack Gaming Community

Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
1 year ago Microsoft.com Kimsuky
The Deep Web and the Security Challenges Facing the Gaming Industry - The gaming industry is no stranger to cyberattackers. A combination of valuable user data and monetizable rewards makes gaming a ripe target for malicious actors. With the advent of the Deep Web, cyber criminals have been able to further conceal ...
2 years ago Securityaffairs.com
Latest Information Security and Hacking Incidents - A cyberattack has compromised the prestigious game company Insomniac Games, exposing private data without authorization. Concerns over data security in the gaming business have been raised by this hack, which has spread throughout the community. ...
1 year ago Cysecurity.news Rhysida
Operation Morpheus took down 593 Cobalt Strike servers used by threat actors - Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers. Threat actors may have exploited a zero-day in older iPhones, Apple warns. Nation-state ...
8 months ago Securityaffairs.com CVE-2024-0769 CVE-2022-38028 CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-4966 APT28
Here's How to Make Your Gaming Experience Safer - Over 1 billion people worldwide regularly play online games. The emergence of high-quality games, multiple gaming mediums, and online communities has prompted gamers to overlook the dark side of online gaming. If you play games online on your ...
1 year ago Cybersecurity-insiders.com
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
1 year ago Feeds.fortinet.com CVE-2023-42793 APT29
Threat Actors Mimic Electronic Frontier Foundation To Attack Gaming Community - Researchers at Hunt.io identified messages on the game’s forum directing players to phishing websites under the pretext of discussing security for in-game assets tied to their accounts. Cyber Security News is a Dedicated News Platform For Cyber ...
2 weeks ago Cybersecuritynews.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Threat actors misuse OAuth applications to automate financially driven attacks - Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious ...
1 year ago Microsoft.com
Is Hybrid Play Leveling the Playing Field for Online Video Gaming? - As technology continues to evolve, the market for online video gaming has grown exponentially. With the advent of hybrid play, we have seen the emergence of digital console gaming and increasing proficiency in a variety of gaming platforms. This ...
2 years ago Welivesecurity.com
Gaming PCs as Silent Storytellers: Why Privacy Is Crucial - Online games and video games are incredibly popular as a way to connect with people and interact with them. Many people enjoy playing games online, either on gaming consoles, computers, or mobile devices. Online gaming also poses some risks, such as ...
1 year ago Cysecurity.news
How to Use Threat Intelligence Feeds for SOC/DFIR Teams - Threat intelligence feeds provide real-time updates on indicators of compromise, such as malicious IPs and URLs. Security systems can then ingest these IOCs to identify and block potential threats, which essentially grants organizations immunity to ...
10 months ago Cybersecuritynews.com
How to Overcome the Most Common Challenges with Threat Intelligence - Today's typical approach to threat intelligence isn't putting organizations in a place to do that. Instead, many threat intelligence tools are delivering too much uncurated and irrelevant information that arrives too late to act upon. Organizations ...
1 year ago Cyberdefensemagazine.com Hunters
Companies Must Strengthen Cyber Defense in Face of Shifting Threat Actor Strategies - Critical for organizations to understand attackers' tactics, techniques, and procedures. The 2023 mid-year cyber threat report card portends an ominous outlook with staggering data including the fact that 332 million cryptojacking attacks were ...
1 year ago Cyberdefensemagazine.com
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours - In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol host, leading to data exfiltration and the deployment of Trigona ransomware. On Christmas Eve, within just three hours of gaining initial access, ...
1 year ago Thedfirreport.com Trigona
What Is Threat Modeling? - Threat modeling emerges as a pivotal process in this landscape, offering a structured approach to identify, assess, and address potential security threats. Threat Modeling Adoption and Implementation The successful adoption of threat modeling within ...
1 year ago Feeds.dzone.com
What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
1 year ago Techrepublic.com
Top 7 Cyber Threat Hunting Tools for 2024 - Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. With ...
1 year ago Techrepublic.com
New Mimic Ransomware Abuses Windows Search Tool to Attack Victims - A new ransomware threat has been discovered that abuses the Windows Search Tool to locate and encrypt sensitive data. Dubbed Mimic, the ransomware was identified by malware researchers at Force Point Security Defense. Mimic encrypts a victim’s ...
2 years ago Bleepingcomputer.com
Windows Incident Response: Human Behavior In Digital Forensics, pt III - Digital forensics can provide us insight into a threat actor's sophistication and situational awareness, which can, in turn, help us understand their intent. Observing the threat actor's actions helps us understand not just their intent, but what ...
1 year ago Windowsir.blogspot.com
New Tool Set Found Used Against Organizations in the Middle East, Africa and the US - Unit 42 researchers observed a series of apparently related attacks against organizations in the Middle East, Africa and the U.S. We will discuss a set of tools used in the course of the attacks that reveal clues about the threat actors' activity. We ...
1 year ago Unit42.paloaltonetworks.com
Electronic Frontier Alliance Comes Back Strong: 2023 in Review - The Electronic Frontier Alliance is a loose network of local groups fighting for digital rights in the United States, chaired by EFF. Members' efforts have been recovering from the limitations put on local organizing caused by the pandemic. More EFA ...
1 year ago Eff.org
Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
8 months ago Securityaffairs.com CVE-2024-0769 CVE-2024-29849 CVE-2022-38028 CVE-2024-0204 CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-20198 CVE-2023-4966 CVE-2023-40044 CVE-2023-38035 APT28
Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
8 months ago Securityaffairs.com CVE-2024-0769 CVE-2024-29849 CVE-2022-38028 CVE-2024-0204 CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-20198 CVE-2023-4966 CVE-2023-40044 CVE-2023-38035 APT28
Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry - A new attack campaign has targeted the gaming and gambling sectors since at least September 2022, just months prior to the ICE London 2023 gaming industry trade fair event that's scheduled next week. Israeli cybersecurity company Security Joes is ...
2 years ago Thehackernews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)