Hamas-Linked Hacker Group Accused of Orchestrating Attacks in Palestine & Egypt

Krishi Chowdhary, Journalist
  • A Hamas-linked hacker group called Arid Viper has been accused of orchestrating at least 5 attacks across Egypt and Palestine.
  • The revelation was made by a research group called ESET, which also put together a detailed analysis of its attack technique.
  • The bad news is that at least 3 of the 5 campaigns run by the hacker group are still active.

A Hamas-linked hacker group has been accused of orchestrating cyber attacks across Palestine and Egypt.

The group is called Arid Viper and has been active since 2013, targeting its victims through Android spyware called AridSpy.

This is the first time researchers have been able to pin down the group and put together a detailed analysis of its malware.

The attacks were first discovered by ESET, a cybersecurity company based in Slovakia. It found that the group was attacking through Trojanized Android apps, mostly messaging apps. Five such attacks targeting Palestine and Egypt have already been discovered.

How Does the Malware Work?

Here’s how the malware works:

Step 1: Malicious Apps

The compromised apps are mostly distributed through websites that impersonate real apps.

  • For example, for its victims in Palestine, the hacker group impersonated the Palestinian Civil Registry app.
  • On the other hand, in Egypt, the malicious app was impersonating another legitimate app called LapizaChat. Some fake job postings were hiding the malicious links.

Step 2: Download Path

Once the victim clicks on the download link, myScript.js, hosted on the same server, is executed. It creates the correct download path for the malicious file. This is where the first stage ends.

Step 3: Data Exfiltration

Now in the second stage, data exfiltration begins. Analysts at ESET found that these hackers were able to extract all sorts of information such as device location, messages, clipboard data, video recordings, and more.

In some cases, the criminals were also able to gain control over the data by taking pictures and recording audio.

The worst part is, at the time of writing this, 3 out of the 5 discovered campaigns are still running and the hacker group is probably out there updating AridSpy so their attacks can’t be discovered again.

A Little About Arid Viper

Arid Viper has several other names. You might know it as Desert Falcons, APT-C-23, or Two-tailed Scorpion.

The cyber group has been active for more than a decade now and is known for mostly targeting countries in the Middle East. Israel and Palestine are its primary targets but its reach goes beyond that.

In 2022, the group used AridSpy to disrupt the FIFA World Cup that was held in Qatar.

The group has been linked to Hamas, a Palestinian militant group, but no solid evidence has been found of this connection. ESET researchers also didn’t find any government connection with the group.

The Hamas-Israel war has brought a wave of social media misinformation with it. From false war scenes and deepfake videos to conspiracy theories and malign influences, almost all social media platforms are plagued with disinformation.

The EU had issued warnings to social media giants TikTok and Meta, urging them to combat the issue as soon as possible. X’s content moderation regulations also received a lot of backlash for their inadequacies.

Although the misinformation seems to have subsided during the last few months, these cyberattacks still plague the internet atmosphere in the Middle East.
