New Backdoor Attacks Leverage Political Turmoil in Middle East
2020-02-13 19:48

Two apparently politically motivated backdoor campaigns have been observed operating in the Middle East, targeting influential Palestinians.

The two campaigns are primarily differentiated by the backdoor malware used, Spark and Pierogi, and have been named the Spark Campaign and the Pierogi Campaign respectively by researchers at Cybereason's Nocturnus group.

Pierogi is a new undocumented RAT, discovered by Cybereason in December 2019.

Of the Spark Campaign, Cybereason concludes that the social engineering element is "specifically meant to lure and appeal to victims from the Middle East, especially towards individuals and entities in the Palestinian territories likely related to the Palestinian government or the Fatah movement."

"The Pierogi backdoor discovered by Cybereason during this investigation seems to be undocumented and gives the threat actors espionage capabilities over their victims." Cybereason suggests it may have been obtained through underground communities rather than developed in-house by MoleRATs.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/JTNyfUMdmbA/new-backdoor-attacks-leverage-political-turmoil-middle-east