    Middle East, North African Groups Learning Sophisticated Cyber-Tactics

    Written by

    Robert Lemos
    Published February 20, 2015

      Groups in the Middle East and North Africa (MENA) region are becoming increasingly skilled at launching cyber-attacks, stealing sensitive data and adopting cyber-crime tactics, according to research released by two security firms.

      One group, dubbed Arid Viper by Trend Micro, used spearphishing, pornography and leased servers to conduct espionage attacks against Israeli targets, the company said in a report published on Feb. 16. A second group, also discovered by Trend Micro, appeared to be searching for images on infected PCs as part of a blackmail scheme. In a separate effort, researchers at BAE Systems tracked attacks by a pro-Iranian group that used more than 40 programs and five malware families in their operations.

      While the barriers to creating a reasonably sophisticated cyber-capability are lower than ever, the recent activity shows that tactics for cyber-operations are evolving, Tom Kellerman, chief cyber-security officer with Trend Micro, told eWEEK.

      “I wouldn’t call it very elegant,” he said. “I would say that it is a harbinger of increased sophistication by the non-state actor groups in the region.”

      Cyber-attacks from groups and nations in the Middle East have increased dramatically in the past three years. While groups such as the Syrian Electronic Army and the Izz ad-Din al-Qassam Cyber Fighters led the way by conducting defacements and denial-of-service attacks, they have now been joined by other groups focused on cyber-crime or espionage. Recently, extremists have also taken to the Internet, hacking media and corporate social media accounts.

      In the case of Arid Viper, an independent political group likely carried out the attacks, but may have had cooperation from a nation in the region, because the group had detailed knowledge of high-priority targets—Israelis with some connection to the military or defense industries, Kellerman said. The attacks began in mid-2013 and continued until late 2014.

      The group behind Arid Viper sent email messages to targeted people with attachments that contained hidden malware. If the victim opened the attachment, their system would be infected while a short pornographic clip would play. While such a tactic is unusual—more typically, malware is directly attached to such a video—Trend Micro researchers posit that victims may be too embarrassed to call tech support, hindering any response to the compromise.

      The malware then communicates with the command-and-control (C&C) servers and searches the hard disk for Office documents and text files. The C&C server then designates which files are considered interesting to the attackers, and those files are uploaded to the server as a text file.

      “A single execution allows the malware client to steal documents from the infected systems,” the report stated.

      Another interesting aspect of the operation is that the attackers used leased command-and-control infrastructure based in Germany. Researchers at Trend Micro found that the servers that received the stolen data were also used by other cyber-criminal campaigns that otherwise looked unrelated.

      The firm gathered information on at least one other campaign, which had spread malware that searched the hard drives of infected systems for images, ostensibly to uncover embarrassing pictures that could be used to extort the victims, the firm posited.

      In a separate investigation, Adrian Nish, a researcher at BAE Systems, found that a U.K. engineering firm had been compromised by attackers with links to Iran. In a presentation given at Kaspersky Lab’s Security Analyst Summit, Nish said that attackers are using more complex tactics and “there’s offensive cyber-companies and local malware authoring now,” according to a report in Kaspersky Lab’s news service Threatpost.

      Robert Lemos
      Robert Lemos is an award-winning journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.
