New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities

December 14, 2023 at 10:00AM

The Gaza Cyber Gang, a pro-Hamas threat actor, has been targeting Palestinian entities using an updated backdoor called Pierogi++. This malware is implemented in C++ and has been used for consistent targeting of Palestinian entities. The group has been active since 2012 and continues to refine its malware for successful compromise of targets.

The key takeaways are:

– There is a pro-Hamas threat actor known as Gaza Cyber Gang targeting Palestinian entities using an updated version of a backdoor named Pierogi++.
– The malware is implemented in C++, and the group is believed to have been active since at least 2012.
– The threat actor is a composite of several sub-groups sharing overlapping victimology footprints and malware.
– Recent intrusions mounted by Gaza Cyber Gang leverage Pierogi++ and Micropsia, with the first recorded use of Pierogi++ going back to late 2022.
– Both Pierogi and Pierogi++ are equipped to take screenshots, execute commands, and download attacker-provided files.
– There are tactical connections between two disparate campaigns referred to as Big Bang and Operation Bearded Barbie, and reinforced ties between the threat actor and WIRTE.
– The group continues to refine and retool its malware to ensure successful compromise of targets and to maintain persistent access to their networks.
