Facebook Takes Down Two Hacking Groups Operating out of Palestine

Silviu STAHIE

April 22, 2021


Facebook has announced that it managed to take down two significant groups of hackers based in Palestine that were working to compromise Windows, Android, and Apple devices by using all kinds of tricks, including social engineering, malware, modified apps and much more.

Facebook’s security researchers took action against two groups in Palestine: a network linked to the Preventive Security Service (PSS) and a threat actor known as Arid Viper. Facebook removed their ability to use the social media platform as a means of spreading their influence, taking down much of the infrastructure.

Although both groups have been operating out of Palestine, they weren’t connected. Their targets were very different: one looked to compromise victims in Palestine, while the other focused on the Palestinian territories and Syria and, to a lesser extent, Turkey, Iraq, Lebanon and Libya.

The first group, targeting people in Palestine, seems to be connected to the Preventive Security Service, the Palestinian Authority’s internal intelligence organization, according to Facebook.

“This persistent threat actor focused on a wide range of targets, including journalists, people opposing the Fatah-led government, human rights activists and military groups including the Syrian opposition and Iraqi military,” said the security researchers. “They used their own low-sophistication malware disguised as secure chat applications, in addition to malware tools openly available on the internet.”

The group used custom-built Android malware that posed as secure chat applications but allowed attackers to gather private data and metadata. Windows was also a target, but there the hackers used existing threats such as NJRat and HWorm. Furthermore, the hackers compromised several social media accounts or used fake names to gain the victims’ trust.

Arid Viper

The other group, named Arid Viper, is a well-known advanced persistent threat that also goes by the name Desert Falcon and APT-C-23. Their way of operating is different and much more in line with other hacking groups.

“It used sprawling infrastructure to support its operations, including over a hundred websites that either hosted iOS and Android malware, attempted to steal credentials through phishing or acted as command and control servers,” says Facebook. “They appear to operate across multiple internet services, using a combination of social engineering, phishing websites and continually evolving Windows and Android malware in targeted cyber espionage campaigns.”

In its efforts to curb the activities of these two groups, Facebook took down all their linked accounts, published all indicators of compromise, including malware hashes, and shared them with the anti-virus community to make the threats easier to detect.
