Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Hackers targeting nongovernmental humanitarian groups, including UN groups like UNICEF, sought to steal login credentials using sophisticated phishing sites, according to a new report by mobile security firm Lookout.

Why it matters: Lookout doesn't attribute attacks to specific actors, but the lures used to draw targets to the phishing sites were links only of interest to workers following North Korea issues. That suggests North Korea is a likely suspect here.

What they found: The phishing sites used a number of clever tricks.

  • For one, if users reached the phishing sites through any path other than the phishing URL, it forwarded the user to a legitimate site. That limits the hackers' exposure.
  • While most people believe a site won't see the login data they type into a website unless they hit submit, the sites used key loggers to steal login data even if they didn't.
  • Like many modern phishing campaigns, the site used SSL certificates — the encryption measures that produce the lock icon in the URL bar, which less sophisticated users are sometimes told to look for to thwart phishing. Also, the sites used long URL names, making it harder for people on mobile phones to notice inconsistencies there.

The sites were hosted by the Malaysian firm Shinjiru, Lookout's Jeremy Richards told Axios.

  • Shinjiru is a so-called bulletproof hosting service offering technical and legal protections for hackers. Using providers like Shinjiru raises an automatic red flag in Lookout's machine learning system.

Go deeper

Updated 6 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Health: The good and bad news about antibody therapies — Fauci: Hotspots have materialized across "the entire country."
  2. World: Belgium imposes lockdown, citing "health emergency" due to influx of cases.
  3. Economy: Conference Board predicts economy won’t fully recover until late 2021.
  4. Education: Surge threatens to shut classrooms down again.
  5. Technology: The pandemic isn't slowing tech.
  6. Travel: CDC replaces COVID-19 cruise ban with less restrictive "conditional sailing order."
  7. Sports: High school football's pandemic struggles.
  8. 🎧Podcast: The vaccine race turns toward nationalism.
Dan Primack, author of Pro Rata
Updated 7 hours ago - Economy & Business

Dunkin' Brands agrees to $11B Inspire Brands sale

Photo: Alexi Rosenfeld/Getty Images

Dunkin' Brands, operator of both Dunkin' Donuts and Baskin-Robbins, agreed on Friday to be taken private for nearly $11.3 billion, including debt, by Inspire Brands, a restaurant platform sponsored by private equity firm Roark Capital.

Why it matters: Buying Dunkin’ will more than double Inspire’s footprint, making it one of the biggest restaurant deals in the past 10 years. This could ultimately set up an IPO for Inspire, which already owns Arby's, Jimmy John's and Buffalo Wild Wings.

Ina Fried, author of Login
9 hours ago - Technology

Federal judge halts Trump administration limit on TikTok

Illustration: Aïda Amer/Axios

A federal judge on Friday issued an injunction preventing the Trump administration from imposing limits on the distribution of TikTok, Bloomberg reports. The injunction request came as part of a suit brought by creators who make a living on the video service.

Why it matters: The administration has been seeking to force a sale of, or block, the Chinese-owned service. It also moved to ban the service from operating in the U.S. as of Nov. 12, a move which was put on hold by Friday's injunction.