Critical Infrastructure Security, Threat Intelligence
Expanded cyberattacks launched by Hamas-linked hackers against Israel
(Adobe Stock)
Mounting tensions in the Middle East have been exploited by Hamas-affiliated threat operation WIRTE which had been linked to the Gaza Cyber Gang, also known as TA402 and Molerats as it sought to broaden intrusions against organizations across Israel, according to The Hacker News.
After engaging in cyberespionage attacks that involved the distribution of RAR archive lures to deploy the IronWind downloader and Havoc post-exploitation framework, WIRTE proceeded to target numerous Israeli entities with the updated SameCoin Wiper malware in a phishing campaign impersonating an Israeli partner of cybersecurity firm ESET, a report from Check Point showed. Integrated within the new SameCoin Wiper variant was an encryption technique previously seen in a more recent iteration of the IronWind loader, researchers reported.
"Despite ongoing conflict in the Middle East, the group has persisted with multiple campaigns, showcasing a versatile toolkit that includes wipers, backdoors, and phishing pages used for both espionage and sabotage," added researchers.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds