
The Cyber Security News


New Wave of Cyber Attacks Target Palestine with Political Bait and Malware

February 3, 2022

Cybersecurity researchers have turned the spotlight on a new wave of offensive cyberattacks targeting Palestinian activists and entities, starting around October 2021, using politically themed phishing emails and decoy documents.

The intrusions are part of what Cisco Talos calls a longstanding espionage and information theft campaign carried out by the Arid Viper hacking group using a Delphi-based implant called Micropsia, dating all the way back to June 2017.

The threat actor's activities, also tracked under the monikers Desert Falcon and APT-C-23, were first documented in February 2015 by Kaspersky and subsequently in 2017, when Qihoo 360 disclosed details of cross-platform backdoors developed by the group to strike Palestinian institutions.


The Russian cybersecurity firm branded Arid Viper the “1st completely Arabic APT group.”

Then in April 2021, Meta (formerly Facebook), which pointed out the group's affiliations to the cyber arm of Hamas, said it took steps to boot the adversary off its platform for distributing mobile malware against individuals associated with pro-Fatah groups, Palestinian government organizations, military and security personnel, and student groups in Palestine.

Decoy document that contains text on Palestinian reunification

The raft of new activity relies on the same tactics and document lures used by the group in 2017 and 2019, suggesting a “specific level of success” despite a lack of change in their tooling. More recent decoy documents reference themes of Palestinian reunification and sustainable development in the territory that, when opened, lead to the installation of Micropsia on compromised machines.


The backdoor is designed to give the operators an unusual range of control over the infected devices, including the ability to harvest sensitive information and execute commands transmitted from a remote server, such as capturing screenshots, recording the latest activity log, and downloading more payloads.

“Arid Viper is a prime illustration of groups that are not incredibly sophisticated technologically, having said that, with unique motivations, are getting to be a lot more hazardous as they evolve more than time and examination their resources and processes on their targets,” researchers Asheer Malhotra and Vitor Ventura said.

“These [remote access trojans] can be made use of to build very long-term obtain into target environments and additionally deploy extra malware purposed for espionage and stealing information and credentials.”

Some elements of this post are sourced from:
thehackernews.com
