Security News > 2022 > April > Bearded Barbie hackers catfish high ranking Israeli officials
The Hamas-backed hacking group tracked as 'APT-C-23' was found catfishing Israeli officials working in defense, law, enforcement, and government agencies, ultimately leading to the deployment of new malware.
According to analysts at Cybereason, who named this new campaign 'Operation Bearded Barbie,' APT-C-23 is also deploying new custom backdoors for Windows and Android devices geared towards espionage.
The threat actors have created several fake Facebook profiles using fabricated identities and stolen or AI-generated images of attractive women and approach the targets through these profiles.
As part of the catfish attempts, the threat actors will eventually send the target a RAR file that is allegedly nude photos or videos.
APT-C-23 uses many techniques that we have seen employed in many past campaigns against Israeli targets but continues to evolve with new tools and more complex social engineering efforts.
One point of differentiation between Operation Bearded Barbie and previous campaigns is that there is no overlapping infrastructure, showing the group's interest in avoiding detection.