Written by AJ Vicens
Feb 2, 2022 | CYBERSCOOP
A hacking group is targeting Palestinian people and organizations with a wave of years-old malware, according to research published Wednesday.
The findings, from Cisco’s Talos threat intelligence division, unpack a surge of attacks starting around October 2021 targeting Palestinians using malware known as Micropsia.
The attacks are part of a broader campaign dating back to 2017 connected to a group known as Arid Viper, an Arabic hacking group possibly associated with Hamas that first emerged in 2015. The group is also known as Desert Falcons or APT-C-23 (“APT” stands for “advanced persistent threat,” a kind of group often associated with nation-state hackers), and Kaspersky researchers in 2015 named it the “first exclusively Arabic APT group.” Kaspersky estimated at the time that it numbered 30 or so attackers who employed homemade malware, social engineering and other techniques against targets all over the world.
The group’s main motivation is espionage and information theft, Talos noted in its research, and it “has been attributed to malicious operators politically motivated toward the liberation of Palestine.” Although not a “technically evolved actor,” the group is known to target both mobile and desktop platforms, including Apple iOS. It develops Android malware