Cybersecurity specialists report that a hacking group is running campaigns against Palestinian individuals and organizations using a dangerous malware variant identified as Micropsia.
According to the Cisco Talos report, this campaign was identified as Arid Viper and dates back to 2017, when the group launched multiple campaigns in collaboration with a Hamas cell. At that time, at least 30 incidents related to this malware were identified, including social engineering and other hacking tactics.
This new campaign uses the same tactics and procedures that investigators observed previously, although the hackers now exploit political issues to lure potential victims, spreading fake reports, news articles and mobile apps. In this case, the threat actors are using an alleged report from the Ministry of Health of the State of Palestine.
This group appears to have espionage and data theft motivations against any pro-Palestinian group. While experts believe that this is not a sophisticated hacking group, they mention that hackers have proven to be able to target mobile platforms such as iOS and Android, in addition to attacking desktop computers.
The goal of Micropsia is to establish a persistent foothold on the target’s system, deploying a set of remote access Trojans (RATs) to perform further actions, including keylogging and capturing screenshots of the affected system. The campaign has escalated to the extent that Meta has had to crack down on these hackers, removing dozens of fake accounts used to try to compromise pro-Palestinian officials and activists.
However, experts point out that the measures implemented by the social media giant did not interrupt the activities of this hacking group, as the campaign is still active and reports continue to accumulate every week.
For Cisco Talos researchers, Arid Viper is an example of a hacking group that exploits its resources to the fullest and becomes more dangerous as it evolves over time, posing serious threats to a minority community that faces harassment on multiple levels.