![]() ![]() ![]() Use of special file names, content and domain names (e.g.Attackers take an interest in government entities, especially embassies, where security measures and IT operations might not be well established and reliable.Some more interesting facts about Gaza cybergang: The main infection modules used by this group are pretty common RATs: XtremeRAT and PoisonIvy IR people are also known for having access to sensitive data related to ongoing cyber investigations in their organizations, in addition to special access and permissions enabling them to hunt for malicious or suspicious activities on the network… This is why getting access to their devices could be worth a lot more than for a normal user. IT people are known for having more access and permissions inside their organizations than other employees, mainly because they need to manage and operate the infrastructure. One interesting new fact about Gaza cybergang activities is that they are actively sending malware files to IT (Information Technology) and IR (Incident Response) staff this is also obvious from the file names they are sending to victims, which reflect the IT functions or IR tools used in cyber attack investigations. ![]() The group has been operating since 2012 and became particularly active in Q2 2015. Gaza cybergang is a politically motivated Arabic cybercriminal group operating in the MENA (Middle East North Africa) region, targeting mainly Egypt, United Arab Emirates and Yemen. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |