A threat actor with affiliations to the cyber warfare division of Hamas has been linked to an “elaborate campaign” targeting high-profile Israeli individuals employed in sensitive defence, law enforcement, and emergency services organizations.
“The campaign operators use sophisticated social engineering techniques, ultimately aimed to deliver previously undocumented backdoors for Windows and Android devices,” cybersecurity company Cybereason said in a Wednesday report.
“The goal behind the attack was to extract sensitive information from the victims’ devices for espionage purposes.”
The months-long intrusions, codenamed “Operation Bearded Barbie,” have been attributed to an Arabic-speaking and politically motivated group called Arid Viper, which operates out of the Middle East and is also known by the monikers APT-C-23 and Desert Falcon.
Most recently, the threat actor was held responsible for attacks aimed at Palestinian activists and entities starting around October 2021 using politically themed phishing emails and decoy documents.
The latest infiltrations are notable for their specific focus on plundering information from computers and mobile devices belonging to Israeli individuals by luring them into downloading trojanized messaging apps, granting the actors unfettered access.