Facebook uncovers Palestinian government officials targeted with malware

April 22, 2021
Facebook found that two Palestinian hacking groups are conducting cyberespionage operations that trick people into installing malicious software, reports ZDNet.

According to the social media giant’s report, one group known as Arid Viper is connected to the Hamas party’s cyber arm, while the other is associated with the Fatah party’s Palestinian Preventive Security Service. Both groups use compromised and fake social media accounts disguising as Fatah or Hamas supporters, young women, journalists and various military groups.

Arid Viper uses a custom surveillanceware called Phenakite, which can steal sensitive user data from iPhones and can also direct victims to phishing pages to steal their Facebook or iCloud credentials. PSS, on the other hand, uses social engineering to force users into installing Microsoft and Android malware, Facebook stated. Once installed, the PSS malware will then collect the user’s information, including their call logs, location, text messages, contacts and device metadata, and keylogger functionality in some instances.

Facebook released a list of indicators that would alert users of such activity. These include 179 domains, two iOS malware hashes, 10 Android malware hashes and eight desktop malware hashes.
Jill Aitoro

SC Media Editor in Chief Jill Aitoro has 20 years of experience editing and reporting on technology, business and policy. She also serves as editorial director at SC Media’s parent company, CyberRisk Alliance. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.

prestitial ad