Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • Cybersecurity

    Syrian Cyber-Attacks Expose Activists, Firms to Malware Infection

    By
    Robert Lemos
    -
    August 21, 2014
    Share
    Facebook
    Twitter
    Linkedin
      Syrian Cyber Attacks B

      Groups of attackers have targeted activists on both sides of the Syrian civil war with a new malware campaign that, while not particularly sophisticated, has grown to compromise more than 10,000 systems, according to researchers from Kaspersky Labs, which analyzed more than 100 files used by group.

      The attackers have sent messages through social networks, such as Skype, YouTube and Facebook, as well as phishing emails that include links to fake security and privacy programs that claim to help the recipient communicate securely. Most of the actual malware tools uploaded to victims’ computers appear to be common programs found in underground forums, according to the analysis by Kaspersky.

      The security firm did not speculate on the aims of the groups, but stressed that the region’s conflicts have naturally spread to the digital realm.

      “If you look at the real world context for all of this, you have a real melting pot going on out there across the Middle East,” David Emm, a senior security researcher for Kaspersky, told eWEEK. “Therefore you have governments and opposition groups, each using cyber as an element in their arsenal.”

      The civil war in Syria—a conflict in which other nation-states in the region have played a role—has resulted in a significant increase in online operations by hacktivists opposing, and proponents supporting, the government of President Bashar al-Assad.

      The Syrian Electronic Army—a group supported by, if not funded by—Assad’s regime, has attacked technology companies, financial firms and media outlets, posting pro-Assad propaganda. In some cases, Syria’s network has dropped off the Internet.

      The latest attacks began with simple remote access trojans (RATs) being used to compromise systems. Since late in 2013, however, the group has used more sophisticated social-engineering techniques to entice downloads, wrapping malicious programs in seemingly useful applications to convince a user to run the software.

      Lures for the social engineering include a leaked paper on chemical weapon attacks, security applications that are actually Trojan horses and videos that purportedly show the impact of recent bombings.

      Once infected, a victim’s computer will connect to a command-and-control server. The malware can log keystrokes from the victim’s computers, capture screenshots, record sound and video, install addition programs and upload stolen data. The attacks have grown more numerous, from less than 5 per quarter in the first half of 2013 to more than 35 new malware attacks in the second quarter of 2014, according to Kaspersky.

      The activists targeted by the attackers have apparently struck back at the infrastructure used to gather data on them, targeting known command-and-control servers with distributed denial-of-servce (DDoS) attacks, according to Kaspersky’s report.

      “It is worth noting that we have seen evidence of activists trying to carry out denial-of-service attacks on the RAT domains and servers, in an effort to overwhelm their resources and cause their connections to timeout,” the analysis stated.

      The three groups conducting the attacks appear to be pro-Assad hackers. While Kaspersky did not attribute the attacks to any particular group, they did find the names used by the attackers: “Team Hacker and Assad Penetrations Unit,” “Anonymous Syria Al Assad Unit,” and the “Management of Electronic Monitoring and Central Tracking Unit.”

      While companies are not explicitly the targets of this latest Middle East malware campaign, businesses still need to keep an eye on the events in the region, Kaspersky’s Emm said.

      “The world is a pretty small place anyway, but when it comes to the reach of the Internet, everyone is our neighbor,” he said. “With some of these very targeted attacks, there is the risk of collateral damage; there is the danger of unintended damage from these conflicts leaking online.”

      Robert Lemos
      Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×