Hamas-linked cyberspy group Molerats started using new malware in attacks on Middle Eastern governments after their operations were exposed last summer.
By Ionut Arghire on April 06, 2021
A sub-group of the Molerats threat actor has been using voice-changing software to successfully trick targets into installing malware, according to a warning from Cado Security.
The Molerats hacking group, also tagged as Gaza Hackers Team, Gaza Cybergang, DustySky, Extreme Jackal, and Moonlight, has been active since at least 2012, mainly targeting entities in the Middle East, but also launching attacks against targets in Europe and the United States.
Cado Security says that APT-C-23, believed to be part of Molerats, typically uses social engineering to trick victims into installing malware, and was previously observed impersonating women in attacks that leveraged social media sites to target soldiers in the Israel Defence Forces.
By Ionut Arghire on December 10, 2020
Two new backdoors have been attributed to the Molerats advanced persistent threat (APT) group, which is believed to be associated with the Palestinian terrorist organization Hamas.
Likely active since at least 2012 and also referred to as Gaza Hackers Team, Gaza Cybergang, DustySky, Extreme Jackal, and Moonlight, the group mainly hit targets in the Middle East (including Israel, Egypt, Saudi Arabia, the UAE and Iraq), but also launched attacks on entities in Europe and the United States.
In early 2020, security researchers at Cybereason's Nocturnus group published information on two new malware families used by the APT, namely Spark and Pierogi. Roughly a month later, Palo Alto Networks revealed that the group had expanded its target list to include the insurance and retail industries, in addition to the previously targeted government and telecommunications verticals.