Security News > 2024 > July > Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware

A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information.

"The OilAlpha threat group is highly likely active and executing targeted activity against humanitarian and human rights organizations operating in Yemen, and potentially throughout the Middle East," the cybersecurity company said.

OilAlpha was first documented in May 2023 in connection with an espionage campaign targeting development, humanitarian, media, and non-governmental organizations in the Arabian peninsula.

These attacks leveraged WhatsApp to distribute malicious Android APK files by passing them off as associated with legitimate organizations like UNICEF, ultimately leading to the deployment of a malware strain named SpyNote.

OilAlpha's operations also include a credential harvesting component that utilizes a bunch of fake login pages impersonating these organizations in an effort to harvest users' login information.

The development arrives weeks after Lookout implicated a Houthi-aligned threat actor to another surveillanceware operation that delivers an Android data-gathering tool called GuardZoo to targets in Yemen and other countries in the Middle East.

News URL

https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html