
Some 'Reopen' Domains Could Be Phishing and Malware Campaigns (cnet.com)

CNET reports on new research from a threat-intelligence company into the more than 540 domain names registered this month with the word "reopen" in their URL.

While hundreds of them are "designed to lend credibility to anti-lockdown protests," and 98 more were purchased to thwart that effort, there are still many other domains that "come from suspicious sources or resellers looking to make money... Researchers at DomainTools have found hundreds of 'reopen' URLs that were bought specifically to be resold and others that resemble malware campaigns." These are "reopen" websites targeted toward restaurants, movie theaters and sports, and all are set up for sale... "Domainers are a particular type of people who spot any chance they can to hop on a quick buck," said Chad Anderson, senior security researcher at DomainTools. "In any of these instances, there's going to be people who try and pick domains they are able to sell for $5,000 that they bought for $10 because someone wants to start a movement."

DomainTools' researchers also found a batch of links registered in bulk specifically with typos for the phrase "Reopen American Business." All of these domains were registered in China and have misspellings, indicating they're set up to be phishing pages... The idea is to trick visitors who make typos into entering their sensitive credentials on these fraudulent pages. These domains all have servers registered with Bodis, an advertising service that monetizes domain names and has links to a previous malware campaign from the advanced persistent threat (APT) group DarkHotel.

APTs are known groups behind cyberattacks. DarkHotel APT is a hacking group that primarily affects victims in Japan, Taiwan, China, Russia and South Korea. "It looks like it's going to be used for phishing campaigns," Anderson said. "It hasn't been fully activated yet, but it has characteristics of a DarkHotel APT group."

There's also an interesting detail about the first seven "reopen" pages created, which looked like they represented independent groups but were all registered under the name of pro-gun activist Aaron Dorr from Iowa, and redirected visitors to the gun rights groups that were organizing protests to "liberate" their locked down cities. That activist's family also created "reopen" Facebook groups with hundreds of thousands of followers -- which then directed people to the websites. "NBC News found that many of the websites hosted by Dorr were designed to harvest visitors' data, including emails and home addresses."

NBC adds that the group's usual method "is to attack established conservative groups from the right, including the National Rifle Association, and then make money by selling memberships in their groups or selling mailing lists of those who sign up, according to some conservative politicians and activists who have labeled the efforts as scams."
  • https://www.youtube.com/user/p... [youtube.com] - The virology
    https://www.youtube.com/channe... [youtube.com] - Dr John Campbell.
    https://www.youtube.com/user/M... [youtube.com] - Medcram
    https://www.youtube.com/channe... [youtube.com] - Dr Mike Hansen.
    https://www.youtube.com/user/U... [youtube.com] - DrBeen for medical professionals.

    • Hmm... Rather a diverting FP. Yeah, facts are nice, but I think the insight here is that Trump supporters are gullible idiots, natural suckers, and there is a shortage of "good" suckers these days. At least a shortage of suckers with money to suck away.

      However even the cash-strapped Trump-supporting suckers are still useful for "Phishing and Malware" scammers. Their identities can be used for credit card scams and their pwned computers can be used for spambot and DDoS networks. Just a few examples among man

  • by GrandCow ( 229565 ) on Saturday April 25, 2020 @12:38PM (#59989556)
    With a minimum amount of effort, he's completely destroyed the US. It'll be 50 years before we can even start to get our soft power back, and the lower half of the average American intelligence has been mobilized to protest anything that someone can throw up a crudely designed webpage for and make some Facebook posts about.
    • What do you expect when we've opened the internet to the masses?

      This is a toy to the general public. Just like every other advancement- it will be played with by people without a clue.

      Putin knows that.

      • The internet is analogous to the biblical tree of knowledge, and we've all taken a bite of this apple...

        • The internet is more an analogy for sex. It was used to transmit important information for the survival of the species, but when people started using it more for fun than for its original purpose, it became more a vehicle for transmitting diseases.

        • > The internet is analogous to the biblical tree of knowledge, and we've all taken a bite of this apple...

          No, it's a metaphor for sex. And if you'd ever actually had it you'd understand the internet is a pale shadow of the real thing.

          There are some who would argue that the Tree is a metaphor for the development of human Mortality, in which case the Internet is pretty much the polar opposite of that concept.

      • > it will be played with by people without a clue.

        You forgot about the Russian Reversal, it is "it will play with people without a clue".

      • Seriously. If my TiVo didn't need internet access to update its program schedule database daily, I'd consider saving the monthly fee and not even have Internet at home anymore. The only things it's good for anymore are free porn and some shopping with the occasional research into this or that. Otherwise it's just a time-waster.
    • It's actually even worse in significant ways than you're imagining, I'm sorry to say.
      Mitch McConnell, leading the GOP majority Senate, is the real threat to this country. He's held his nose more than any other Republican legislator has, personally reviles Trump to the extreme, but has kept his eye on the ball of the neo-conservative extremist Right agenda and used Trump for all he's worth (a figure of speech -- Trump is pretty worthless IMO) to implement as much of that agenda as possible -- and the most re
      • > I really, REALLY resent all this shit happening in MY lifetime. I just wanted to live in peace, man, not live in this hell-scape.

        Funny thing - halfway through your post, before reading that part, I was thinking "it seems like too much politics is making this guy's life less fun." We survived Reagan, we survived Bush (the qualified one), we survived Clinton, Bush Junior, we survived Obama, even Trump. We'll survive the next guy, and there really isn't anything YOU can do about it anyway. Life might be

        • Shut the fuck up, asshole, nobody asked you.
          • > Shut the fuck up, asshole, nobody asked you.

            I guess I was wrong - now you sound like a joyful person.
            I wish I could be more like you because it sounds like you are having a wonderful day.

      • Worse: SCOTUS is conservative-dominated now. For all intents and purposes, for the majority of us, we won't see any balance in our Federal courts for the remainder of our lifetimes, it'll be 'conservative' biased regardless of judges claiming to not be political.

        During the 35 years I've been a voter, the conservative appointees to the SCotUS have been far more fair and balanced, more willing to cross the party aisle, and in some cases doing so so often that they're categorized with the SCotUS' liberal wing

        • We're not talking about just SCOTUS we're talking about all the lower Federal courts as well, and by the way do you really trust a political weasel like Mitch McConnell to have the best interests of ALL Americans at the top of his to-do list? The current administration is 'encouraging' existing so-called 'liberal' judges to retire and appointing 'conservative' judges in their place. What could possibly go wrong? :p
    • by ljw1004 ( 764174 )

      > With a minimum amount of effort, he's completely destroyed the US. It'll be 50 years before we can even start to get our soft power back, and the lower half of the average American intelligence has been mobilized to protest anything that someone can throw up a crudely designed webpage for and make some Facebook posts about.

      I don't even know what point you're making... (1) Putin tipped the balance in favor of Trump being elected? (2) Putin used Ukraine to show that the rest of the world is powerless? (3) Putin trounced the US in their real-world political influence in the Middle East? (4) Putin invested in enough Internet Research Agency work to increase the level of partisanship and bickering in the US? (5) Putin invested enough in fearmongering in the US and everywhere in the world to have them shut down their economies more

  • by AmazingRuss ( 555076 ) on Saturday April 25, 2020 @01:29PM (#59989676)
    Let's get to fleecin' before the TV preachers get their money!
  • Some 'shop' Domains Could Be Phishing and Malware
    Some 'search' Domains Could Be Phishing and Malware
    Some Domains Using The Letter 'e' Could Be Phishing and Malware

    Film at 11.
  • Isn't this a dupe from earlier this week?
    Regardless of whether or not this virus was 'helped' or not by anyone, the enemies of the U.S. and the West in general would not hesitate to use this in any way they can to magnify the chaos panic and mayhem it's causing, and believe you me, cause as many more deaths from it as possible. Psyops 101. First few pages of the playbook.
    • I agree. Most of these enemies are enthusiastically calling for an early disorganised exit from lockdown so that the second wave finishes America off. MAGA Trump 2020 kill the libs!

  • This article is blatant clickbait. Some domains of any topic in the public interest could be malicious. It does not matter what the topic is.

  • When you flatten the curve [uofmhealth.org], you time-shift infections. Rather than happening all at once at the beginning, many infections are shifted into the future. So while flattening the curve insufficiently will result in more deaths due to the sick exceeding hospital capacity, too much flattening of the curve will result in unnecessarily extending the economic damage being wrought by the shutdown, as it takes longer for the virus to run its course through the population.

    Since killing off this virus before it infe
