Security News > 2023 > April > Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks
![Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks](/static/build/img/news/arid-viper-hacking-group-using-upgraded-malware-in-middle-east-cyber-attacks-medium.jpg)
The threat actor known as Arid Viper has been observed using refreshed variants of its malware toolkit in its attacks targeting Palestinian entities since September 2022.
Also known by the names APT-C-23 and Desert Falcon, the hacking group has been linked to attacks aimed at Palestine and the Middle East at least since 2014.
Attack sequences mounted by the group typically employ spear-phishing emails and fake social credentials to lure targets into installing malware on their devices.
The most recent attacks detailed by Symantec entail the use of updated versions of its custom Micropsia and Arid Gopher implants to breach targets before engaging in credential theft and exfiltration of stolen data.
Arid Gopher, an executable coded in the Go programming language, is a variant of the Micropsia malware that was first documented by Deep Instinct in March 2022.
"Mantis appears to be a determined adversary, willing to put time and effort into maximizing its chances of success, as evidenced by extensive malware rewriting and its decision to compartmentalize attacks against single organizations into multiple separate strands to reduce the chances of the entire operation being detected," Symantec concluded.
News URL
https://thehackernews.com/2023/04/arid-viper-hacking-group-using-upgraded.html
Related news
- Finland warns of Android malware attacks breaching bank accounts (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- Malware botnet bricked 600,000 routers in mysterious 2023 attack (source)
- DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks (source)
- Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine (source)
- More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack (source)
- Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks (source)