
The Cyber Security News


Researchers Uncover Connection Between Moses Staff and Emerging Abraham’s Ax Hacktivist Group

January 26, 2023

New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham’s Ax that emerged in November 2022.

This is based on “numerous commonalities across the iconography, videography, and leak sites used by the groups, suggesting they are probably operated by the same entity,” Secureworks Counter Threat Unit (CTU) said in a report shared with The Hacker News.

Moses Staff, tracked by the cybersecurity company under the moniker Cobalt Sapling, made its first appearance on the threat landscape in September 2021 with the goal of primarily targeting Israeli corporations.


The geopolitical group is believed to be sponsored by the Iranian government and has since been linked to a string of espionage and sabotage attacks that make use of tools like StrifeWater RAT and open source utilities such as DiskCryptor to harvest sensitive information and lock victim data on infected hosts.

The group is also known to maintain a leak site which is used to distribute data stolen from its victims and disseminate its messaging, which includes “exposing the crimes of the Zionists in occupied Palestine.”

Now, according to Secureworks’ analysis, “the Abraham’s Ax persona is being used in tandem to attack government ministries in Saudi Arabia” and “this is likely in response to Saudi Arabia’s leadership role in improving relations between Israel and Arab nations.”


For its part, Abraham’s Ax claims to be operating on behalf of the Hezbollah Ummah. Hezbollah, which means “Party of Allah” in Arabic, is a Lebanese Shia Islamist political party and militant group that’s backed by Iran.

The striking overlaps in the modus operandi further raise the possibility that the operators behind Abraham’s Ax are likely leveraging the same custom malware, which functions as a cryptographic wiper to encrypt data without providing a means to recover the data in the early stages.

What’s more, both actors are united in their motivations in that they operate without a financial incentive, with the intrusions taking a more disruptive tone. The connection between the two groups is also evidenced by the fact that the WordPress-based leak sites were hosted in the same subnet in the early stages.

“Iran has a history of using proxy groups and manufactured personas to target regional and international adversaries,” Rafe Pilling, Secureworks principal researcher, said in a statement.

“Over the last couple of years an increasing number of criminal and hacktivist group personas have emerged to target perceived enemies of Iran while providing plausible deniability to the Government of Iran regarding affiliation or responsibility for these attacks. This trend is very likely to continue.”



Some parts of this article are sourced from:
thehackernews.com
