Israel and Hamas have seemed to be locked in a battle for supremacy for a while now. While most of the battles have been physical, it is taking a new phase as we note that the terrorist group is getting help from some cyber attackers.
APT_C_23 is the said actor that has supported the insurgents. In its latest assault, the sect was seen catfishing Israeli officials working in defense, law, enforcement and government agencies.
The endgame was to deploy a malware on the target, thereby opening a backdoor in the targeted system. Operation Bearded Barbie as named by Cybereason, involved a lot of planning and action which suggests that the campaign have been in motion for some months.
The threat actors created a fake Facebook account with pictures of an attractive lady. The account has been in operation for months as it liked posts from popular Israeli accounts and followed these profiles.
After an interaction with the targeted official, the conversation is then taken to Whatsapp to maintain privacy. As trust becomes stronger between the threat actor and the target, a more discreet chat platform is suggested.
The malware is then deployed on target via the new platform. Android IM app, which is VolatileVenom malware. With malware deployed, the backdoor will then be created as a link embedded with the Barbwire backdoor is sent.
The effectiveness of this campaign is yet to be seen. However, there have been no major leaks of sensitive information.
Previous Attacks on Israel
Cybertechwiz reported that Israel suffered its biggest cyber attack ever. The cyber assault took down websites for the nation’s interior, health, justice and welfare ministries, as well as that of the prime minister’s office. All are pages on Israel’s gov.il domain.
With the latest threat mounting on Israel proves that there will be more attacks on the nation, what sector is next?
