Organizations and individual's in the Palestinian territories of the Gaza Strip and West Bank are being targeted in two distinct cyber espionage campaigns being conducted by the Molerats cybercrime group.
BOSTON (PRWEB) February 13, 2020
Cybereason, creators of the leading Cyber Defense Platform, today released an investigative research report from its Nocturnus Research Group titled ‘New Cyber Espionage Campaigns Targeting Palestinians' looking at the MoleRATs cybercrime group and two new campaigns happening simultaneously targeting organizations and individuals in the Palestinian territories of the West Bank and Gaza Strip. In the past few years, this group attacked Israel and other countries in the region.
The two new campaigns differ in tools, server infrastructure and nuances in decoy content and intended targets. Cybereason is attributing The Spark and Pierogi Campaigns to MoleRATs (aka The Gaza Cybergang), an Arabic-speaking, politically motivated group that has operated in the Middle East since 2012.
"We suspect MoleRATs are carrying out these campaigns to obtain sensitive information from its victims to leverage for political purposes. The malicious files relate to political affairs in the Middle East, with specific references to the Israeli-Palestinian conflict, tension between Hamas and Fatah, and other political entities in the region. There are indications that suggest that Pierogi backdoor was authored by Ukrainian-speaking malware developers," said one of Cybereason's Nocturnus researchers.
About The Spark Campaign
This campaign uses social engineering to infect victims, mainly from the Palestinian territories, with the Spark backdoor. This cybereason nocturnus researchers discover targeted cyber espionage campaigns middle benzinga
