Hackers linked to Hamas have been implicated in five cyberespionage campaigns targeting Palestine and Egypt.
The evidence emerged innew researchfrom ESET, acybersecuritycompany based in Slovakia.
Analysts at the firm detected five campaigns spreading trojanized apps to Android users.
The attacks focus on user data espionage in Palestine and Egypt.
The campaigns deploy multistageAndroidspyware, which ESET calls AridSpy.
To distribute the spyware, thehackersused dedicated websites that impersonate real apps.
In Palestine, they primarily harnessed a malicious Palestinian Civil Registry app.
40% off TNW Conference!
ESETattributed the campaigns with medium confidence to the notorious Arid Viper APT group.
Who is Arid Viper?
Arid Viper is also known as APT-C-23, Desert Falcons, or Two-tailed Scorpion.
Active sinceat least 2013, the cyberespionage group is notorious for targeting countries in the Middle East.
Its also known for deploying a vast arsenal of malware for Android, iOS, and Windows platforms.
Cybersecurity vendors have previously linked the group to Hamas.
It primarily targets entities in Israel and Palestine, but its reach extends beyond these borders.
Analystshave saidthis hints at a broader geopolitical agenda.
ESETs new research, however, makes no accusations of political connections.
The company has instead focused on the cyberespionage techniques.
These techniques unlock the hackers to spy on messaging apps and exfiltrate content from devices.
ESETsaid their campaigns beganin 2022.
Three of them remain active today.
Story byThomas Macaulay
Thomas is the managing editor of TNW.
He leads our coverage of European tech and oversees our talented team of writers.
Away from work, he e(show all)Thomas is the managing editor of TNW.
He leads our coverage of European tech and oversees our talented team of writers.
Away from work, he enjoys playing chess (badly) and the guitar (even worse).
