
Facebook Takes Down Two Hacking Groups Operating out of Palestine

Silviu STAHIE

April 22, 2021

Facebook has announced that it managed to take down two significant groups of hackers based in Palestine that were working to compromise Windows, Android, and Apple devices by using all kinds of tricks, including social engineering, malware, modified apps and much more.

Facebook’s security researchers took action against two groups in Palestine: a network linked to the Preventive Security Service (PSS) and a threat actor known as Arid Viper. Facebook removed their ability to use the social media platform as a means of spreading their influence, taking down much of the infrastructure.

Although both groups have been operating out of Palestine, they weren’t connected. Their targets were very different: one was looking to compromise victims in Palestine, and the other was focusing on the Palestinian territories and Syria and, to a lesser extent, Turkey, Iraq, Lebanon and Libya.

The first group, targeting people in Palestine, seems to be connected to the Preventive Security Service, the Palestinian Authority’s internal intelligence organization, according to Facebook.

“This persistent threat actor focused on a wide range of targets, including journalists, people opposing the Fatah-led government, human rights activists and military groups including the Syrian opposition and Iraqi military,” said the security researchers. “They used their own low-sophistication malware disguised as secure chat applications, in addition to malware tools openly available on the internet.”

The group used custom-built Android malware that posed as secure chat applications but allowed attackers to gather private data and metadata. Windows was also a target, but there the hackers used existing threats such as NJRat and HWorm. Furthermore, the hackers compromised several social media accounts or used fake names to gain the victims’ trust.

Arid Viper

The other group, named Arid Viper, is a well-known advanced persistent threat that also goes by the name Desert Falcon and APT-C-23. Their way of operating is different and much more in line with other hacking groups.

“It used sprawling infrastructure to support its operations, including over a hundred websites that either hosted iOS and Android malware, attempted to steal credentials through phishing or acted as command and control servers,” says Facebook. “They appear to operate across multiple internet services, using a combination of social engineering, phishing websites and continually evolving Windows and Android malware in targeted cyber espionage campaigns.”

In its efforts to curb the activities of these two groups, Facebook took down all their linked accounts, published all indicators of compromise, including malware hashes, and shared them with the anti-virus community to make these threats easier to discover.
