Palestinian Hackers Tricked Victims Into Installing iOS Spyware

Hacking activity in the Gaza Strip and West Bank has ramped up in recent years as rival Palestinian political parties spar with each other, the Israeli-Palestinian conflict continues, and Palestinian hackers increasingly establish themselves on the global stage. Now, Facebook has uncovered two digital espionage campaigns out of Palestine, active in 2019 and 2020, that exploited a range of devices and platforms, including unique spyware that targeted iOS.

The groups, which appear to be unconnected, seem to have been at cross-purposes. But both used social media platforms like Facebook as jumping off points to connect with targets and launch social engineering attacks to guide them toward phishing pages and other malicious websites.

The researchers link one set of attackers to Palestine’s Preventive Security Service, an intelligence group under the West Bank’s Fatah ruling party. In this campaign, the group primarily targeted the Palestinian territories and Syria, with some additional activity in Turkey, Iraq, Lebanon, and Libya. The hackers seemed largely focused on attacking human rights and anti-Fatah activists, journalists, and entities like the Iraqi military and Syrian opposition.

The other group, the longtime actor Arid Viper, which has been associated with Hamas, focused on targets within Palestine like Fatah political party members, government officials, security forces, and students. Arid Viper established an expansive attack infrastructure for its campaigns, including hundreds of websites that launched phishing attacks, hosted iOS and Android malware, or functioned as command and control servers for that malware.

“To disrupt both these operations, we took down their accounts, released malware hashes, blocked domains associated with their activity, and alerted people who we believe were targeted by these groups to help them secure their accounts,” Facebook’s head of cyberespionage investigations, Mike Dvilyanski, and director of threat disruption, David Agranovich, wrote in a blog post on Wednesday. “We shared information with our industry partners including the anti-virus community so they too can detect and stop this activity.”

The Preventive Security Service–linked group was active on social media and used both fake and stolen accounts to create personas, often depicting young women. Some of the accounts claimed to support Hamas, Fatah, or other military groups and sometimes posed as activists or reporters with the goal of building relationships with targets and tricking them into downloading malware.

The group used both off-the-shelf malware and its own Android spyware masquerading as a secure chat app to target victims. The chat app collected call logs, location, contact information, SMS messages, and device metadata. It also sometimes included a keylogger. The attackers also used publicly available Android and Windows malware. And the researchers saw evidence that the attackers made a fake content management platform for Windows that targeted journalists who wanted to submit articles for publication. The app didn’t actually work, but came bundled with Windows malware.
