- Actor Amanda Seales pushes back on #FreeRodneyReed movement Monday 10:58 PM
- Netflix thriller ‘Earthquake Bird’ can’t solve its own mystery Monday 4:45 PM
- Goop is selling an expensive ‘restraining arts’ BDSM kit Monday 4:17 PM
- Body positivity actress Lili Reinhart calls out Photoshopping app Monday 3:42 PM
- ‘Rick and Morty’ zeroes in on connections and leans into familiar territory Monday 3:30 PM
- People are sharing photos of how much they’ve changed in a decade Monday 2:30 PM
- A few of our favorite things on Newegg are on sale for Black Friday Monday 2:15 PM
- Disney adds ‘Bob’s Burgers’ movie back to release schedule after accidentally yanking it Monday 2:02 PM
- Ocasio-Cortez launches petition demanding Stephen Miller’s resignation Monday 1:24 PM
- Prince Andrew’s defense against child sex crimes stokes conspiracy theory flames Monday 1:20 PM
- More people may be looking to cancel Disney+ than Netflix Monday 1:09 PM
- Monday Night Football: How to stream Chiefs vs. Chargers live Monday 1:00 PM
- After days of deadly protests, Iran implements ‘largest internet shutdown ever’ Monday 12:55 PM
- ‘Disney Plus and thrust’ is apparently the new Netflix and Chill Monday 12:32 PM
- Woman fired, sued after coworker shared their sexts Monday 12:22 PM
Palestinian hacker is targeting Israel with virus-laced porn videos
Cyberwar rises in the Middle East.
The attack began with a pornographic video playing at work—just the kind of embarrassing moment the hackers were counting on.
An Israeli government employee at a research facility received an email fashioned just so that they would open the attachment it came with. The lie worked.
Suddenly, the porn video started playing, and the employee shut the video down. Confused, he hoped no one saw what happened on his screen.
The employee’s computer was thoroughly infected and sensitive files were then sent to the attacker. The sharp little heist was complete.
Another contemporaneous cyberattack campaign aimed at Israel affected over 500 victims in Egypt, Trend Micro reports, infecting laptops and stealing data for hackers to view.
The attacks are being called “evidence of a budding generation of Arab hackers” by security analysts who warn of of cyber-guerilla war directed at Israel from its Arab neighbors.
One hypothesis floated by Trend Micro researchers is that “a supra-organization that provides means for Arab parties to commit acts of cyberviolence exists.” If that’s the case, they warn, expect more violence soon.
The two campaigns (dubbed Operation Arid Viper and Operation Advtravel) share a lot in common: They were both run from servers in Germany, both had domains registered by the same person, and both can be tied to Gaza.
However, they also have quite a few differences. Arid Viper was elegant, targeted, and tightly wrapped up. Advtravel was broad and amateurish.
The first campaign targeted a variety of victims in Israel including a government office, infrastructure providers, the military, and academia.
“Operation Arid Viper was unusual in that it had a pornographic component in hopes of taking user focus away from the infection or the fact that something strange is happening,” the report explains. “It targeted professionals who might be receiving very inappropriate content at work and so would hesitate to report the incident.”
Without reporting the incident, the malware could carry on its work. The porn-distraction is a clever ploy that hadn’t been seen in the wild before the Israeli attacks.
The Advtravel campaign, on the other hand, targeted mostly the personal laptops of Arabs in Egypt. The hackers stole images from the victims’ computers, possibly for blackmail.
Trend Micro also identified individuals whose names were used to register the command-and-control servers behind the attacks. One individual in particular lives in Gaza and sports pro-Palestine and anti-Israel imagery across his social media accounts.
Image via Free Grunge Textures/Flickr (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.