Researchers: ‘Shadow Academy’ Activity Coincided With Start of School Year
A hacking group targeted 20 universities and schools around the world earlier this year with a series of phishing attacks designed to steal credentials, according to researchers with RiskIQ.
The group, which the RiskIQ researchers call “Shadow Academy,” targeted 14 universities and schools within the U.S. between July and October, when fall semester classes were beginning, according to the report. The first university struck was the University of Louisiana, but other schools, such as Manhattan College, Rochester Institute of Technology, Bowling Green State University, University of Arizona and University of Washington, were also victimized.
Schools in the U.K., Australia and Afghanistan were also targeted, according to the report published Wednesday.
“Research suggests that Shadow Academy actors timed the development of malicious infrastructure to take advantage of back to school chaos,” according to the report.
The RiskIQ report says the hackers attempted to steal credentials, but it’s not clear how they planned to use them. Other hacking groups have targeted universities to steal data and intellectual property (see: Iranian Hacking Group Continues Targeting Universities).
In the campaign that RiskIQ examined, the hacking group used a technique called domain shadowing to create malicious landing pages designed to harvest credentials….