Palestinian hacker is targeting Israel with virus-laced porn videos
Cyberwar rises in the Middle East.
The attack began with a pornographic video playing at work—just the kind of embarrassing moment the hackers were counting on.
An Israeli government employee at a research facility received an email fashioned just so that they would open the attachment it came with. The lie worked.
Suddenly, the porn video started playing, and the employee shut the video down. Confused, he hoped no one saw what happened on his screen.
The employee’s computer was thoroughly infected and sensitive files were then sent to the attacker. The sharp little heist was complete.
Another contemporaneous cyberattack campaign aimed at Israel affected over 500 victims in Egypt, Trend Micro reports, infecting laptops and stealing data for hackers to view.
The attacks are being called “evidence of a budding generation of Arab hackers” by security analysts who warn of cyber-guerilla war directed at Israel from its Arab neighbors.
One hypothesis floated by Trend Micro researchers is that “a supra-organization that provides means for Arab parties to commit acts of cyberviolence exists.” If that’s the case, they warn, expect more violence soon.
The two campaigns (dubbed Operation Arid Viper and Operation Advtravel) share a lot in common: They were both run from servers in Germany, both had domains registered by the same person, and both can be tied to Gaza.
However, they also have quite a few differences. Arid Viper was elegant, targeted, and tightly wrapped up. Advtravel was broad and amateurish.
The first campaign targeted a variety of victims in Israel including a government office, infrastructure providers, the military, and academia.
“Operation Arid Viper was unusual in that it had a pornographic component in hopes of taking user focus away from the infection or the fact that something strange is happening,” the report explains. “It targeted professionals who might be receiving very inappropriate content at work and so would hesitate to report the incident.”
Without reporting the incident, the malware could carry on its work. The porn-distraction is a clever ploy that hadn’t been seen in the wild before the Israeli attacks.
The Advtravel campaign, on the other hand, targeted mostly the personal laptops of Arabs in Egypt. The hackers stole images from the victims’ computers, possibly for blackmail.
Trend Micro also identified individuals whose names were used to register the command-and-control servers behind the attacks. One individual in particular lives in Gaza and sports pro-Palestine and anti-Israel imagery across his social media accounts.
Image via Free Grunge Textures/Flickr (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.