Hamas upgrades cyber espionage capability — report
search

Hamas upgrades cyber espionage capability — report

Internal Security Minister and sports broadcaster feature in fake news items designed to persuade email users to open rogue spyware file

Public Security Minister Gilad Erdan in the Knesset in Jerusalem, September 20, 2016. (Yonatan Sindel/Flash90)
Public Security Minister Gilad Erdan in the Knesset in Jerusalem, September 20, 2016. (Yonatan Sindel/Flash90)

An American cyber security company founded by an Israeli has identified a new cyber espionage campaign originating in the Gaza Strip and aimed at government ministries in Israel, Arab countries and the Palestinian Authority.

Experts say that the infrastructure behind the attacks and the way that different servers have been used to hide their source reveals that the suspected organization — known as the Gaza Cybergang Group — has upgraded its capability to a level “which would not embarrass countries with reasonable cyber capabilities,” The Marker, a daily business newspaper, reported Wednesday.

The Gaza Cybergang Group is thought to be backed by the Hamas terror group which controls the Strip

Gangs of hackers sent emails to their targets from a source which looked legitimate, such as a work colleague. The emails contained fake news headlines aimed at encouraging the reader to click on an attached link or file.

Opening of the file triggered installation of a program which sent the computer user’s identifying details to a control center manned by the hackers. If the details were sufficiently interesting, spyware was installed onto the unwitting user’s computer — spyware that could eavesdrop on conversations, read correspondence and operate the camera.

Israeli sports broadcaster Sharon Perry, whose picture was used as bait in fake news sent by computer hackers to targets in Israel and the Middle East. (YouTube screenshot)
Israeli sports broadcaster Sharon Perry, whose picture was used as bait in fake news sent by computer hackers to targets in Israel and the Middle East. (YouTube screenshot)

The same group opened a new internet address — new.gov-il.host– as part of a specific plan to attack the Israeli government.

It was the Israeli development team at Palo Alto Networks which, having noticed repeated attempts to cyber breach different targets in Israel and elsewhere, linked the attacks, servers and tools used to a group of at least 10 hackers operating out of Gaza.

They noticed spelling mistakes in Hebrew and English reminiscent of mistakes made by Hamas in video clips and other written materials. An analysis of the timing revealed that there was no hacking on Fridays — a clear suggestion that the hackers were working a Middle Eastern week.

Fake news items posted as bait included photographs of Internal Security Minister Gilad Erdan and sports broadcaster Sharon Perry.

The government’s National Cyber Bureau would not comment on the Gaza attacks. It just said that different sources attempted on a regular basis to break into Israeli organizational networks.

read more:
less
comments
more