News Facebook defuses spying operation by Palestinian hackers


al capone

Advanced
Joined
13.09.20
Messages
159
Reaction score
2,106
Points
93
Cybercriminals used fake and hacked accounts to deceive users of the social network.

Facebook specialists have defused the operations of two hacker groups sponsored by the Palestinian authorities. The criminals used the social network to distribute malware for the purpose of espionage.

According to representatives of the tech giant, the first group was associated with the Preventive Security Service of the Palestinian National Authority (PNA), and the second, known as Arid Viper (Desert Falcon or APT-C-23), is allegedly associated with the Palestinian Islamist movement Hamas.

Cyber espionage campaigns took place in 2019 and 2020. The first group targeted users in Palestine. Another group attacked users in the Palestinian territories, in Syria, as well as in Turkey, Iraq, Lebanon and Libya.

The hackers used specially designed malware for Android, disguised as secure chat apps. The program secretly stole device metadata, tracked keystrokes, and uploaded data to the Firebase platform. The attacks also used SpyNote malware to track calls and gain remote access to hacked phones.

Cybercriminals used fake and hacked accounts to create fictitious faces, often posing as young women, as well as supporters of Hamas, Fatah, various military groups, journalists and activists in order to establish relationships with potential victims and direct them to phishing pages.

Arid Viper used the new Phenakite spyware in its campaigns to steal sensitive iPhone user data without jailbreaking it. The malware Phenakite was distributed under the guise of a full-featured chat app called MagicSmile. The group also managed 179 domains that were used to host malware or act as C&C servers.
 
Top Bottom