Ethiopian operatives make crucial mistakeThe spear-phishing campaign wasn't very well executed, and some targets became suspicious. Some forwarded the fishy emails to Citizen Lab, an organization that has a long history of tracking and exposing politically motivated surveillance campaigns. Instead of backing down and dismantling their infrastructure, Ethiopian government operatives decided to spear-phish a Citizen Lab researcher involved in the investigation — a big error on their part. The Citizen Lab team became more interested in the attacks and eventually discovered that the malware packed with the fake Flash Player and PdfWriter apps was communicating with an online C&C server that was exposing its web folders. The full Citizen Lab report is available here.
Source: Ethiopian News December 06, 2017 23:15 UTC