An attack that uses the same path names, Java payloads, and Java exploit as one earlier this summer was found leveraging a fake Electronic Frontier Foundation domain. The fake domain electronicfrontierfoundation.org was registered more than three weeks ago and quickly used as part of an attack alongside a recently patched Java zero day. The attack appears to be part of a larger campaign previously dubbed Pawn Storm. The group, possibly associated with the Russian government, was given the moniker APT 28 in a 2014 FireEye report.
Source: https://threatpost.com/latest-apt-28-campaign-incorporates-fake-eff-spearphishing-scam/114462/