New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks
A new politically motivated hacker group named "Moses Staff" has been linked to a wave of targeted attacks against Israeli organizations since September 2021. The goal is to plunder and leak sensitive information before encrypting the victims' networks, with no option to regain access or negotiate a ransom.
"The group openly states that their motivation in attacking Israeli companies is to cause damage by leaking the stolen sensitive data and encrypting the victim's networks, with no ransom demand," Check Point Research said in a report published Monday.
The attacks specifically rely on the open-source library DiskCryptor to perform volume encryption, in addition to infecting the systems with a bootloader that prevents them from starting without the correct encryption key.
Check Point did not attribute the adversary to any specific country, citing lack of definitive evidence, but noted that some artifacts of the group's toolset had been submitted to VirusTotal from Palestine months prior to the first attack.
Moses Staff also operates on Twitter and Telegram to publicize its attacks, with malicious activity reported as recently as November 14.
"The vulnerabilities exploited in the group's attacks are not zero days, and therefore all potential victims can protect themselves by immediately patching all publicly-facing systems."
News URL
https://thehackernews.com/2021/11/new-moses-staff-hacker-group-targets.html