Security News > 2020 > December > New Backdoors Used by Hamas-Linked Hackers Abuse Facebook, Dropbox

New Backdoors Used by Hamas-Linked Hackers Abuse Facebook, Dropbox
2020-12-10 16:10

Two new backdoors have been attributed to the Molerats advanced persistent threat group, which is believed to be associated with the Palestinian terrorist organization Hamas.

In early 2020, security researchers at Cybereason's Nocturnus group published information on two new malware families used by the APT, namely Spark and Pierogi.

The security researchers also identified new activity targeting Turkish-speaking entities with the Spark backdoor, as well as a separate campaign in which a new Pierogi variant is used against targets also infected with DropBook, SharpStage, and Spark.

"The newly discovered backdoors were delivered together with the previously reported Spark backdoor, which along with other similarities to previous campaigns, further strengthens the attribution to Molerats," Cybereason notes.

"The discovery of the new cyber espionage tools along with the connection to previously identified tools used by the group suggest that Molerats is increasing their espionage activity in the region in light of the current political climate and recent events in the Middle East," Cybereason concludes.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/G7vkISenH8U/new-backdoors-used-hamas-linked-hackers-abuse-facebook-dropbox

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 30 2 44 52 19 117
Dropbox 4 3 9 0 1 13