Security News > 2021 > April > Facebook Busts Palestinian Hackers' Operation Spreading Mobile Spyware

Facebook on Wednesday said it took steps to dismantle malicious activities perpetrated by two state-sponsored hacking groups operating out of Palestine that abused its platform to distribute malware.

To disrupt the adversary operations, Facebook said it took down their accounts, blocked domains associated with their activity, and alerted users it suspects were singled out by these groups to help them secure their accounts.

"This persistent threat actor focused on a wide range of targets, including journalists, people opposing the Fatah-led government, human rights activists and military groups including the Syrian opposition and Iraqi military," Facebook researchers leading the cyber espionage investigations said.

"Lure content and known victims suggest the target demographic is individuals associated with pro-Fatah groups, Palestinian government organizations, military and security personnel, and student groups within Palestine," the researchers added.

Facebook suspects Arid Viper used the iOS malware only in a handful of cases, suggesting a highly-targeted operation, with the Hamas-linked hackers simultaneously focusing on an evolving set of Android-based spyware apps that claimed to facilitate dating, networking, and regional banking in the Middle East, with the adversary masking the malware as fake app updates for legitimate apps like WhatsApp.

"Arid Viper recently expanded their offensive toolkit to include iOS malware that we believe is being deployed in targeted attacks against pro-Fatah groups and individuals," Facebook researchers said.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/OFz5y_4fN-g/facebook-busts-palestinian-hackers.html