APT-C-23 Hacking Group Targets Israeli Officials in Catfish Campaign

Hamas-linked cybercrime organization dubbed ‘APT-C-23’ was noticed catfishing Israeli officials working in defense, law, enforcement, and government institutions, resulting in the deployment of new malware.

The operation employs high-level social engineering tactics, including setting up bogus social media accounts and maintaining a long-term relationship with the targets prior to the spyware delivery.

Experts at security technology company Cybereason, who have dubbed this recent campaign “Operation Bearded Barbie,” stated that the APT-C-23 hacking gang is also deploying new tailored backdoors for Windows and Android devices aimed at espionage.

The Process

Hackers have created multiple fictitious Facebook profiles using made-up personas and stolen or AI-generated photos of beautiful women then contacted the victims via these fake accounts. They have spent months organizing these profiles in order to make them look realistic, writing posts in Hebrew and liking groups and famous pages in Israel.


After building trust in the relationships with the victims by establishing a connection with them for a while, the malicious actors suggest moving the conversation to WhatsApp, allegedly for better privacy.

The hackers now propose a new change to a presumably more discrete Android IM app, which is in fact the VolatileVenom backdoor.

At the same, the

Read More: https://heimdalsecurity.com/blog/apt-c-23-hacking-group-target-israeli-officials-in-catfish-campaign/