Cybersecurity researchers have turned the spotlight on a new wave of offensive cyberattacks targeting Palestinian activists and entities starting around October 2021 using politically-themed phishing emails and decoy documents.
The intrusions are part of what Cisco Talos calls a longstanding espionage and information theft campaign undertaken by the Arid Viper hacking group using a Delphi-based implant called Micropsia dating all the way back to June 2017.
The threat actor's activities, also tracked under the monikers Desert Falcon and the APT-C-23, were first documented in February 2015 by Kasperksy and subsequently in 2017, when Qihoo 360 disclosed details of cross-platform backdoors developed by the group to strike Palestinian institutions.
The Russian cybersecurity company-branded Arid Viper the "first exclusively Arabic APT group."
Then in April 2021, Meta (formerly Facebook), which pointed out the group's affiliations to the cyber arm of Hamas, said it took steps to boot the adversary off its platform for distributing mobile malware against individuals associated with pro-Fatah groups, the Palestinian government organizations, military and security personnel, and student groups within Palestine.
Decoy document containing text on Palestinian reunification
The raft of new activity relies on the same tactics and document lures used by the group in 2017 and 2019, suggesting a "certain level of success" despite a lack of change in their tooling. More recent decoy files reference themes of Palestinian reunification and sustainable development in the territory that, when opened, lead to the installation of Micropsia on compromised machines.
The backdoor is designed to give the operators an unusual range of control over the infected devices, including the ability to harvest sensitive information and execute commands transmitted from a remote server, such as capturing screenshots, recording the current activity log, and downloading additional payloads.
"Arid Viper is a prime example of groups that aren't very advanced technologically, however, with specific motivations, are becoming more dangerous as they evolve over time and test their tools and procedures on their targets," researchers Asheer Malhotra and Vitor Ventura said.
"These [remote access trojans] can be used to establish long-term access into victim environments and additionally deploy more malware purposed for espionage and stealing information and credentials."
More articles
- Hacking Tools Hardware
- Computer Hacker
- Hacking Tools For Mac
- Hacker Tools Mac
- Pentest Tools Find Subdomains
- Pentest Tools Find Subdomains
- Pentest Box Tools Download
- Nsa Hack Tools
- Hacking Tools For Beginners
- Usb Pentest Tools
- Hacking Tools 2019
- Hacker Tools List
- Hack Tools Pc
- Hack Tool Apk
- Hacking Tools
- Hacker Hardware Tools
- Pentest Tools Download
- Tools 4 Hack
- Hacking Tools For Windows 7
- Hacking Tools
- Best Pentesting Tools 2018
- Nsa Hack Tools Download
- Pentest Tools Port Scanner
- Pentest Tools Windows
- Hack Tools For Ubuntu
- Pentest Tools Subdomain
- Pentest Reporting Tools
- Hacker Tools For Ios
- Hacker Tools Mac
- Hacker Tools For Pc
- Wifi Hacker Tools For Windows
- Tools 4 Hack
- Hacker Tools For Pc
- Hack Tools Github
- Hack Tools Pc
- Hacking Tools Download
- Hacker Tools
- Top Pentest Tools
- Computer Hacker
- Pentest Tools Website
- Physical Pentest Tools
- Pentest Tools Bluekeep
- Hacking Tools
- Hack Tools
- Hack Tools 2019
- Tools 4 Hack
- New Hacker Tools
- Hacker Tools For Pc
- Pentest Tools Url Fuzzer
- Pentest Tools Linux
- Hack Apps
- Hacker Tools For Windows
- Bluetooth Hacking Tools Kali
- Pentest Tools For Android
- Beginner Hacker Tools
- Hacker Tools Apk
- Hacker Tools For Pc
- Ethical Hacker Tools
- Hacking Tools Windows 10
- Hacker Tools Free Download
- Easy Hack Tools
- Hacking Tools Free Download
- Pentest Tools Port Scanner
- Hacking Tools Usb
- Pentest Tools Windows
- Hacker
- Pentest Tools Windows
- Bluetooth Hacking Tools Kali
- Hacking Apps
- Hacker Tools Windows
- Hacking Tools Windows
- Hack Tools
- Game Hacking
- Pentest Tools Find Subdomains
- Pentest Tools For Ubuntu
- Hacking Tools Free Download
- Hacking Tools For Windows Free Download
- Hack App
- Pentest Tools Android
- Pentest Tools Bluekeep
- Hacking Tools
- Android Hack Tools Github
- Hacking Tools Usb
- Hacker Search Tools
- Hacking Tools Free Download
- Hacker
- Hacker
- Beginner Hacker Tools
- Pentest Tools Website
- Hacker Tools Linux
- Ethical Hacker Tools
- Pentest Tools For Android
- Pentest Tools Subdomain
- Beginner Hacker Tools
- Pentest Tools Apk
- Hacker Tools For Windows
- Best Hacking Tools 2020
- Hacker Tools For Mac
- Hacker Tools For Ios
- Tools For Hacker
- Pentest Reporting Tools
- Hacker Tools For Mac
- Underground Hacker Sites
- Blackhat Hacker Tools
- Bluetooth Hacking Tools Kali
- Hack Tool Apk No Root
- Pentest Tools Port Scanner
- Hacker Search Tools
- Pentest Tools Linux
- Hacker Tools Github
- Hacker Tools For Ios
- Hack Tools For Games
- Hacker Search Tools
- Underground Hacker Sites
- Hacking Tools For Beginners
- Hacking Tools Name
- Pentest Reporting Tools
- Wifi Hacker Tools For Windows
- Pentest Automation Tools
- Hacker Tools Mac
- Pentest Tools Online
- Hacking Tools And Software
- Hacking Tools 2020
- Hack Tools For Pc
- Hacking Tools Free Download
- Hack Tools Pc
- Hacking Tools For Windows Free Download
- Hacker Tools Hardware
- Pentest Tools Windows
- Hacker Techniques Tools And Incident Handling
- Pentest Tools Bluekeep
- Pentest Automation Tools
- Pentest Reporting Tools
- Game Hacking
- Pentest Tools Free
- Hacker Tools Github
- Pentest Tools Free
- Hacker Tools Mac
- Hacking Tools 2020
- Hacker Tools Free
- Hacking Tools And Software
- Pentest Tools Github
- Pentest Reporting Tools
- Game Hacking
- Easy Hack Tools
- Termux Hacking Tools 2019
No comments:
Post a Comment