Weaponized fake News

The weaponized fake news reports deploy malware that can infiltrate the target’s entire network or company. Eventually, everything in the system can be stolen, manipulated, or deleted.

Sometimes, hackers use links to entirely made-up news stories on sites that sound like they are legitimate but perhaps obscure blogs or foreign news agencies. (“The Dukes” have used domains like nytunion.com, oilnewsblog.com, nasdaqblog.net, bejingnewblog.net,

Other tactics in these so-called spearphishing campaigns—hackers’ attempts to specifically target their victims with seemingly-trustworthy materials—involve links that look exactly like well-known international media outlets, but are really parts of a hacker’s domain. A third tactic involves attaching a real authentic news article from a well-known media outlet to an email—and loading that attachment with malware.

For example, In 2014—as the Russian government began to broaden its online espionage efforts—a different Russian hacker crew, known in cybersecurity circles as Sandworm, targeted attendees of a global security conference focused on the then developing Ukraine crisis. The “GlobeSec” gathering was attended by senior U.S. officials including Victoria Nuland, assistant secretary of State for European and Asian Affairs, who railed against Russia and pledged the support of the United States to Ukraine and its upcoming national elections. (Those same elections held in Ukraine were held shortly after the May 2014 conference and were hacked by Russia in efforts to fix election results, according U.S. officials.)