Recently, researchers have discovered 2 espionage campaigns happening right now in the Middle East through observation in the past few months.
Specifically targeting Palestine; researchers have found methods being used similar to that of MoleRATs which is one of the groups known to be a part of the Gaza Cybergang and has been operating since 2012.
To start with, the first campaign is named “Spark” and uses a backdoor which was first found operating in January 2019. The backdoor helps in victimizing people through phishing by sending out emails containing malicious documents that have titles centered around controversial topics that the user would be curious to open.
According to Cybereason, the company that identified the campaign, these include various ones including the infamous Israeli-Palestinian conflict, the recent killing of General Qasem Soleimani, the Hamas-Fatah conflict & tensions between Hamas and the Egyptian government.
An example of one such file uploaded to VirusTotal titled “Abu-Mazen and Kushner’s meeting.” (Image credit: Cybereason)
These, though are downloaded usually through Dropbox or another service named Egnyte as a zip/RAR file and pose to be Microsoft ..
Support the originator by clicking the read the rest link below.
