Cybersecurity researchers have turned the spotlight on a new wave of offensive cyberattacks targeting Palestinian activists and entities starting around October 2021 using politically-themed phishing emails and decoy documents.
The intrusions are part of what Cisco Talos calls a longstanding espionage and information theft campaign undertaken by the Arid Viper hacking group using a Delphi-based implant called Micropsia dating all the way back to June 2017.
The threat actor's activities, also tracked under the monikers Desert Falcon and the APT-C-23, were first documented in February 2015 by Kasperksy and subsequently in 2017, when Qihoo 360 disclosed details of cross-platform backdoors developed by the group to strike Palestinian institutions.
The Russian cybersecurity company-branded Arid Viper the "first exclusively Arabic APT group."
Then in April 2021, Meta (formerly Facebook), which pointed out the group's affiliations to the cyber arm of Hamas, said it took steps to boot the adversary off its platform for distributing mobile malware against individuals associated with pro-Fatah groups, the Palestinian government organizations, military and security personnel, and student groups within Palestine.
Decoy document containing text on Palestinian reunification
The raft of new activity relies on the same tactics and document lures used by the group in 2017 and 2019, suggesting a "certain level of success" despite a lack of change in their tooling. More recent decoy files reference themes of Palestinian reunification and sustainable development in the territory that, when opened, lead to the installation of Micropsia on compromised machines.
The backdoor is designed to give the operators an unusual range of control over the infected devices, including the ability to harvest sensitive information and execute commands transmitted from a remote server, such as capturing screenshots, recording the current activity log, and downloading additional payloads.
"Arid Viper is a prime example of groups that aren't very advanced technologically, however, with specific motivations, are becoming more dangerous as they evolve over time and test their tools and procedures on their targets," researchers Asheer Malhotra and Vitor Ventura said.
"These [remote access trojans] can be used to establish long-term access into victim environments and additionally deploy more malware purposed for espionage and stealing information and credentials."
More articles
- Easy Hack Tools
- Physical Pentest Tools
- Nsa Hacker Tools
- Nsa Hack Tools Download
- How To Install Pentest Tools In Ubuntu
- Hacking Tools Kit
- Tools 4 Hack
- Computer Hacker
- Hacking Tools Name
- Hacker Tools For Windows
- Hacking Tools For Windows 7
- What Is Hacking Tools
- Hacker Tools 2020
- Hacker Tools Apk
- Pentest Tools For Windows
- Pentest Tools Find Subdomains
- Hacker Tool Kit
- Pentest Automation Tools
- Tools For Hacker
- Hacker Security Tools
- Hacking Tools Kit
- Hack Tools Pc
- Hacking Tools Hardware
- Hacking Tools Windows 10
- How To Hack
- Best Hacking Tools 2019
- New Hacker Tools
- Underground Hacker Sites
- Physical Pentest Tools
- Hack And Tools
- Physical Pentest Tools
- Hackrf Tools
- Hacking Tools Download
- Hacking Tools For Mac
- Beginner Hacker Tools
- Hackers Toolbox
- Best Hacking Tools 2020
- Hacking Tools Windows
- Tools For Hacker
- Hacker Tools Linux
- Hacking Tools Windows 10
- Hack Tools Mac
- Nsa Hack Tools Download
- Hack Tools For Mac
- Hacker Tools Github
- Hackers Toolbox
- Hacking Tools Hardware
- Hacking Tools Pc
- Pentest Tools For Windows
- Pentest Tools Linux
- Hacking App
- Hacker Tools
- Pentest Tools Linux
- Hackrf Tools
- Pentest Tools List
- Hack Tools For Mac
- Hacking Tools
- Pentest Tools Website
- Hacking Tools Pc
- Hack Tools Github
- Hack Tools Pc
- Hacking Tools Windows 10
- Wifi Hacker Tools For Windows
- Pentest Tools Subdomain
- How To Hack
- Hacking Tools Download
- Wifi Hacker Tools For Windows
- Pentest Tools For Ubuntu
- Hack Tools Download
- Hacker Tool Kit
- Black Hat Hacker Tools
- Hacking Tools For Mac
- Hack Rom Tools
- Pentest Tools Find Subdomains
- Bluetooth Hacking Tools Kali
- Underground Hacker Sites
- Hacking Tools For Games
- Pentest Tools Alternative
- Hack Website Online Tool
- Hacking Tools For Windows 7
- Hack Tool Apk
- Hacking App
- Hacker Tools Windows
- Hacking Tools 2019
- What Are Hacking Tools
- Hacker Tool Kit
- Hackrf Tools
- Hacker Tools For Windows
- Top Pentest Tools
- Pentest Tools Website
- Hack Tools For Mac
- Nsa Hacker Tools
- Pentest Tools Apk
- Hack Tools 2019
- Pentest Tools For Android
- Hacking Tools Usb
- Pentest Box Tools Download
- Pentest Tools Nmap
- Hacker
- Hack And Tools
- Pentest Tools Port Scanner
- Hacking Tools Online
- Hack Rom Tools
- Free Pentest Tools For Windows
- Hacker Tools List
- Pentest Tools Kali Linux
- Hacker Tools Hardware
- Hacker Tools Free
- Pentest Tools Url Fuzzer
- Pentest Tools Website
- Growth Hacker Tools
- Hacker Tools Mac
- Hacking Tools And Software
- Hacking Apps
- Hack Tool Apk No Root
- Game Hacking
- Physical Pentest Tools
- Hack App
- Pentest Tools Subdomain
- Hack Tool Apk No Root
- Hacking Tools For Windows Free Download
- Hacker Tools For Windows
- Pentest Tools Online
- Hacking Tools For Windows
- Hacking Tools Usb
- Hacker Tools List
- Hacking Tools Hardware
- Hacking Tools For Windows Free Download
- Pentest Tools Alternative
- Pentest Tools Windows
- Hacking Tools Software
- Bluetooth Hacking Tools Kali
- Pentest Reporting Tools
- New Hacker Tools
- Hacking Tools
- Hacking Tools Software
- Best Hacking Tools 2020
- Bluetooth Hacking Tools Kali
- Hacking Tools Usb
- Pentest Tools Online
- Hacker Tools For Ios
- Hacker Tool Kit
- Hackrf Tools
- How To Install Pentest Tools In Ubuntu
- Hacking Tools For Pc
- Termux Hacking Tools 2019
- Tools Used For Hacking
- Pentest Tools Tcp Port Scanner
- Best Hacking Tools 2020
- Pentest Tools Nmap
- Hacking Tools Github
- New Hacker Tools
No comments:
Post a Comment