Tag: Israel Hamas war

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts
News

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

Since November 2023, an Iranian cyber espionage operation named Mind Sandstorm has targeted prominent persons working on Middle Eastern politics at universities and research institutions in Belgium, France, Gaza, Israel, the U.K., and the U.S. According to a Wednesday investigation by the Microsoft Threat Intelligence team, the threat actor "used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files," characterizing it as a "technically and operationally mature subgroup of Mind Sandstorm." In several instances, the attacks employ a hitherto undisclosed backdoor called MediaPl, suggesting that Iranian threat actors are continuously working read more Iranian Hackers Masquerade as Journalists to Spy on Israel Hamas War Experts. Get up to ...
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
News

Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel

Researchers studying cybersecurity have uncovered SysJoker, a cross-platform backdoor implemented in Rust that is thought to have been used by a threat actor connected to Hamas to attack Israel during the current conflict in the region. "Among the most prominent changes is the shift to Rust language, which indicates the malware code was entirely rewritten, while still maintaining similar functionalities," Check Point reported in its analysis on Wednesday. "In addition, the threat actor moved to using OneDrive instead of Google Drive to store dynamic C2 (command-and-control server) URLs." In January 2022, Intezer released a public description of SysJoker, describing it as a backdoor that can access a text file hosted on Google Drive read more Hamas-Linked Cyberattacks Using Rust-Powe...
Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App
News

Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App

The threat actor Arid Viper (also known as APT-C-23, Desert Falcon, or TAG-63) has been implicated in an Android spyware campaign that targets Arabic-speaking users by using a phony dating app that collects information from compromised devices. "Arid Viper's Android malware has a number of features that enable the operators to surreptitiously collect sensitive information from victims' devices and deploy additional executables," Cisco Talos reported on Tuesday. Arid Viper is a cyberespionage group that has been operating since at least 2017 and is associated with Hamas, the Islamist militant organization that controls the Gaza Strip. According to the cybersecurity company, there is no proof linking the effort to the current conflict between Israel and Hamas read more Arid Viper Targ...
Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware
News

Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware

In the midst of the ongoing Israeli-Hamas conflict, a pro-Hamas hacktivist organization has been seen utilizing a new Linux-based wiper malware called BiBi-Linux Wiper to target Israeli entities. "This malware is an executable in x64 ELF format, without any obfuscation or security features," according to a recent Security Joes report released today. "It allows attackers to specify target folders and can potentially destroy an entire operating system if run with root permissions." Other features include overwriting files, renaming them with an extension containing the hard-coded string "BiBi" (in the format "[RANDOM_NAME].BiBi[NUMBER]"), and preventing certain file types from being corrupted. Multithreading allows it to corrupt files concurrently read more Pro-Hamas Hacktivists Targe...