
Deadly state sponsored attacks on the Palestinian activists


Last Updated on 03/02/2022 by Nidhi Khandelwal

Researchers have identified a new wave of offensive cyberattacks aimed at Palestinian activists and entities that began in October 2021 and included politically oriented phishing emails and counterfeit documents.


The breaches are part of what Cisco Talos describes as a long-running espionage and data theft effort by the Arid Viper hacking gang. The effort began in June 2017 and used a Delphi-based implant called Micropsia.

Then, in April 2021, Meta (formerly Facebook) announced that it had taken steps to remove the adversary from its platform for distributing mobile malware against individuals associated with pro-Fatah groups, Palestinian government organisations, military and security personnel, and student groups in Palestine, citing the group’s ties to Hamas’ cyber arm.

The group's tooling has not changed: its new activity depends on the same methods and document lures used in 2017 and 2019, implying a “certain amount of success.” More recent decoy files speak to Palestinian reunification and sustainable development in the land, and when opened, they install Micropsia on infected devices.


The backdoor is intended to give operators an exceptional level of control over infected devices, including the capacity to gather sensitive data and execute commands sent from a remote server, such as capturing screenshots, recording the current activity log, and downloading more payloads.

Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.