December 15, 2023 at 01:58PM The Gaza Cybergang, a pro-Hamas group, is using a new variant of the Pierogi++ backdoor malware to launch attacks on Palestinian and Israeli targets. The backdoor, based on C++ programming, has been distributed through phishing attacks and social media engagements, with consistent targeting of Palestinian entities reported by Sentinel Labs … Read more
December 14, 2023 at 10:00AM The Gaza Cyber Gang, a pro-Hamas threat actor, has been targeting Palestinian entities using an updated backdoor called Pierogi++. This malware is implemented in C++ and has been used for consistent targeting of Palestinian entities. The group has been active since 2012 and continues to refine its malware for successful … Read more
November 28, 2023 at 04:36AM Amid the ongoing conflict between Israel and Hamas, attackers associated with Hamas are using an updated version of the SysJoker backdoor to target Israeli entities. This new variant, written in the Rust programming language, retains similar functionalities but has undergone significant evolution. The attackers are also utilizing OneDrive instead of … Read more
November 27, 2023 at 12:48PM Palestinian militant group Hamas is using a revamped version of the SysJoker backdoor to target Israel, according to researchers from Check Point. The new variant, written in the Rust programming language, maintains similar functionality but has been completely rewritten. The group is also using OneDrive for command-and-control server URLs. The … Read more
November 27, 2023 at 09:57AM Recently, a new variant of the multi-platform malware called ‘SysJoker’ has been discovered. It has undergone a complete code rewrite in the Rust programming language. This malware, initially documented in early 2022, operates on Windows, Linux, and macOS systems. The new variant has been linked to ‘Operation Electric Powder,’ believed … Read more
November 14, 2023 at 05:21AM Middle Eastern government entities are under attack from phishing campaigns deploying a new initial access downloader called IronWind. The campaigns, attributed to the threat actor TA402, have been active between July and October 2023. TA402, also known as Molerats, Gaza Cyber Gang, and APT-C-23, is a Middle Eastern APT group … Read more