Cyber threat from the Middle East: Kaspersky revealed details

Kaspersky Lab said that at the Kaspersky Security Analyst Summit (SAS 2019) conference, which was held in Singapore, it spoke about the Arabic-speaking APT group Gaza Cybergang. The group engages in cyber espionage and carries out APT attacks mainly in the countries of the Middle East, Central Asia and North Africa.



The group is interested in politicians, journalists, diplomats and all kinds of activists. The hackers' arsenal includes tools and methods of varying complexity, but they mainly rely on phishing email attachments. The highest activity was recorded between April and November 2018.

It was found that several cyber groups joined forces to achieve their goals. There are at least three of them: Operation Parliament, Desert Falcons and MoleRATs. Moreover, MoleRATs uses a rather dangerous tool called SneakyPastes. About 240 people, various organizations and departments in 39 countries of the world have already suffered from it.

After the phishing described above, RAT malware with wide capabilities is installed on the device. It can freely upload and download files, run various applications, search for documents and encrypt information. For example, it saves all documents it finds in PDF, DOC, DOCX and XLSX formats to folders for temporary files. It then classifies, archives and encrypts them and sends them to the command server through a chain of domains. Those who do not want to become victims of cybercriminals therefore need to learn to recognize dangerous emails, not only mass mailings but also targeted ones. Kaspersky Lab has already shared the results of its investigation with law enforcement.
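
Defenders can hunt for the staging step described above, in which PDF, DOC, DOCX and XLSX files pile up in temporary folders before exfiltration. The sketch below is an added example, not code from Kaspersky Lab or from the article; the function names, the `min_docs` threshold and the sample folder and file names are assumptions, and the sample files are constructed.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Document types the article says the malware collects.
STAGED_EXTENSIONS = {".pdf", ".doc", ".docx", ".xlsx"}


def find_staging_folders(temp_root, min_docs=5):
    """Return {folder: Counter(ext -> count)} for folders under temp_root
    holding at least min_docs files of the targeted document types.

    min_docs is an assumed threshold; tune it for your environment.
    """
    hits = {}
    for folder, _dirs, files in os.walk(temp_root):
        by_ext = Counter(
            Path(name).suffix.lower()
            for name in files
            if Path(name).suffix.lower() in STAGED_EXTENSIONS
        )
        if sum(by_ext.values()) >= min_docs:
            hits[folder] = by_ext
    return hits


def build_constructed_sample(root):
    """Create a constructed tree: one ordinary folder, one staging-like folder."""
    normal = Path(root) / "app_cache"
    staged = Path(root) / "tmp4821"
    normal.mkdir()
    staged.mkdir()
    (normal / "install.log").write_text("constructed sample")
    (normal / "readme.pdf").write_text("constructed sample")
    for name in ("budget.XLSX", "memo.doc", "notes.docx", "visa.pdf",
                 "contacts.xlsx", "report.pdf"):
        (staged / name).write_text("constructed sample")
    return str(staged)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_constructed_sample(root)
        for folder, by_ext in find_staging_folders(root).items():
            print(folder, dict(by_ext))
```

On a real host, point `find_staging_folders` at the user and system temporary directories and review any folder it reports together with recent email attachment activity.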